Best practices for offboarding start with onboarding
Offboarding is part of a company’s broader IT security and HR management policies. Best practices include the following:
—Establish a security and compliance group within the company. This group should monitor two key areas: 1) who has access to which IT services and 2) how information is being accessed and shared.
—Put in place a clear set of company IT policies. This includes policies on application usage, a list of approved sites and services and a list of approved software and applications that employees can use.
—Provide role-based access to applications. Maintain an approval process for all services, applications, and equipment that employees need. Keep records in a centralized database, so you know what each employee was given.
—Create a central repository for administrative logins and passwords. Don’t give users administrative rights to their laptops.
—Eliminate shared logins/accounts. Assign each account to one person whenever possible.
—Conduct regular audits of user accounts (LDAP, Active Directory®, and all applications). Track all of the applications being used, so you know who “owns” them and what access and control IT has.
—Set up accounts in a central location, such as Active Directory in Windows® environments, and make sure all cloud applications are SAML authenticated. This makes it easier to manage and de-provision employee accounts.
—Use unique identifiers when creating new employee accounts. This way, if a user has different name listings (e.g. J. Smith, Joe S., etc.), it’s easier to find all of the applications with which he or she is associated.