It’s a terrible thing to realize you need to let an employee go. Whether it’s necessary because you’re cutting expenses, the role is no longer needed or the individual is not suited for the position, it’s painful to go through both for employer and employee. And when not handled appropriately, the employee may be left with tools they can use to harm the company long after they are gone.

Of course, you ask for keys to the front door and parking lot passes, employee identification and so forth. What other aspects of their employment could prove dangerous if not disabled? Consider their network access, administrative privileges, even passwords to online banking and other key systems. Depending on the  nature of their position, you’ll have different standards and issues to contend with but dealing with an ex-employee’s access rights needs to be addressed before they come aboard, not long after they are gone.

It’s a complicated issue and you’ll have to work with HR, IT and Legal to figure out what’s needed for your company or organization. Not necessarily my area of expertise either but the issue keeps popping up in the news, when companies fail to get it right. That’s when you might get an ex-employee motivated by anger or financial aims accessing your company assets and information illegally. Check out some of these stories to see what I mean:

A Virginia man commited a “cyber-assault” against his ex-employer and is sentenced to jail time and damages. He still had and used his admin access to their systems.

A Texas man hacked the energy forecast system of his ex-employer, a major power company. They failed to take away his VPN access and he didn’t surrender his company laptop as promised.

Another Texas man hacked a car dealer’s remote access system, disabling hundred’s of cars as a revenge plot. He’d kept the password of a fellow employee to abuse after his termination. The problem was finally resolved when all employees passwords were reset.