loader image

One of the greatest threats to your business’ electronic data is not closing the door when offboarding employees, contractors or third parties. Not terminating their access may expose your business to hacking, phishing, ransom attacks and other cyber threats.

Your offboarding process should include HR and IT, and should be routinized and documented, including:

  • Creating and maintaining an inventory of the party’s digital life, including company and personal devices, accounts, access, administrative permissions, licenses and responsibilities.
  • Setting a deadline for terminating all access, taking into account time or access needed to finish up or transfer work.
  • Auditing for former employees’ access to your files or systems.
  • Deploying a data management solution that can silo all employee data that must be retained.
  • Deleting employee access before they leave the building, discussing during the exit interview, and terminating all email software, cloud service, and other digital properties.
  • Terminating access to any apps, changing all passwords and setting up email and voice mail forwarding to a new account.
  • Using the “zero-trust model”, assume any offboarded person or entity cannot be trusted.
  • Taking all other actions to be sure the door is closed.

Should you have any questions or concerns in this regard, please contact me.

Douglas C. Tibble


This Brief is designed to provide our friends and clients with information regarding the various subject matters covered, it is not designed to take place of legal, accounting or other professional advice. If expert assistance is required, the services of a competent professional should be sought. This memorandum may constitute advertising under the rules regulating Illinois attorneys.

Brooks, Tarulis & Tibble, LLC
1733 Park Street, Suite 100
Naperville, Illinois 60563

630-355-2101 | info@napervillelaw.com | GET DIRECTIONS