With insider threat in the headlines every day, how are companies still letting departing employees walk out the door—and right to a competitor—with stolen trade secrets and other valuable information? Because the typical employee offboarding process is riddled with gaps that let the data loss risk fall through unnoticed.
Here’s an all-too-common scenario: As the departing employee waves goodbye on his last day, HR pats themselves on the back for orchestrating a smooth exit. They have a new hire ready to take his place—and they even caught him trying to take a company stapler. But they weren’t looking when he moved customer lists to his personal Google Drive account a few hours ago. IT might have been able to see that data movement, but they’re busy decommissioning his laptop and removing network access privileges. And besides, data risk is aecurity’s job. Security knows that departing employees present their biggest data loss risk. But they’re not connected with HR’s offboarding process, so they don’t know who to be watching closely—and they don’t have the tools to see everything that IT can see anyway.
Shared accountability is critical for stopping insider threat
Security ultimately holds accountability for data risk and insider threat. But as you can see in the example above, security cannot do it alone. Without partnerships with HR, IT and legal, security is flying blind.
- HR needs to align with security, so they know who to watch.
- IT needs to align with security, so they can watch what really matters: the data.
- Legal needs to align with security, so they’re ready to respond immediately and with full information on the incident.
5 Steps to Stopping the Departing Employee Risk
What does the employee offboarding process look like when each team fully understands their discrete responsibilities and shared accountabilities? Take a look:
To Continue Reading…
Share a few pieces of information and we’ll personalize your experience with us