If your business makes use of technology to store data, then you need to make sure you have comprehensive cyber security in place to prevent data leaks.
Starter Policy: Drip Feed Access
Setting up a new employee can feel like a slow and laborious process sometimes. Some businesses try to get the ball rolling quicker by giving starters the same IT access as their predecessor. Unfortunately, doing this can put your data security at risk. It's important that you only allow new employees to access data they need and nothing more, even if your other employees have full access. There are several reasons for this. The first is that you don't know the intentions of an employee you haven't become acquainted with; it's always possible for someone to join a company to sabotage it or use their position for fraudulent purposes. The second reason, and the one which applies to the majority of cases, is that a new employee won't know your system well enough to be sure they won't accidentally delete or modify important files.
The best starter policies begin with allowing new employees minimal access, even if that means they need to consult a senior staff member occasionally to access higher level files. Then, after a period of training and assessing liability, you can begin to allow them to see and edit other files. Ideally, even after new employees have been working for you for a long time, they should still only be able to access files that are needed for their specific position.
Leavers Policy: Change Everything
When it comes to employees leaving, the most important thing you need to do to ensure data security is be comprehensive. Once a staff member has left your business, every point of access they have needs to be removed or changed. First, shut down their access to their company email account and forward all their incoming emails to another employee who is still working for you. The previous emails in their inbox should be archived and encrypted. Next, all passwords need to be changed. This includes computer passwords, phone and voicemail passwords, and log-ins for any other software or tool you use in the office. Finally, for extra security, make sure your ex-employee doesn't still have access to the premises by removing their key or changing key cards.
Remember that this is necessary even if your employee appears to be parting amicably; you never know whether an ex-staff member has negative feelings towards the company or would be willing to breach your data in exchange for money from a competitor or fraudster.
Good starter and leaver policies are a great way to boost data security, but they're not the only ways. Contact anIT support services company for help setting up a comprehensive data security system that covers everything from policies to USB access, print auditing, and secure backups.
Share