IBM's Cost of a Data Breach Report 2022 stated that employees and contractors were responsible for 21% of the breaches. Privilege misuse is one of the principal factors behind the onslaught of data breaches. Privilege misuse can be defined as a pattern where people who hold legitimate credentials to perform their jobs use them to steal data.
Similar to privilege misuse, there are several cyber risks associated with employees. Most of these are overlooked while onboarding and offboarding employees, which is where threat actors are most likely to enter.
Let’s take a look at some of the steps organizations can take to prevent cyber risks associated with employees.
Cyber risk prevention guide for onboarding employees
Transforming a new hire into a well-informed employee of your organization is termed onboarding. There is no definitive timeline for an onboarding process, but it begins with the hiring process of a new employee and continues through the time they’re fully settled and involved in their role.
The majority of big companies have formal onboarding processes, while only some of the small companies have a formal process. In addition to the new skills and experience, new employees also bring new risks to the organization. Whether your organization has a formal onboarding process or not, there are a few things you must take into account with new employees to ensure cybersecurity.
Collect essential background information
Background information of the employees includes but is not limited to
- Their educational background – The organization must ascertain that the employee is qualified as they claim to be. In the view of cybersecurity, this step helps the organization determine how much knowledge one can expect from the employee regarding cyber threats.
- Their experience – The background check with their previous employers can reveal whether the employee can be trusted with sensitive information. A sour experience with a previous employer can be acceptable only if it is not repetitive. You can check whether the employee has tried to cause harm to their previous employer digitally or physically.
Verification can take you a long way in hiring reliable employees. Background checks can be done by the HR department or can be entrusted to outside agencies.
Prepare reliable hardware and software
If the employee is working remotely, it is advisable to send them hardware loaded with the required software and applications. If the employee chooses to use their own hardware, it must be checked for possible malware.
Hardware used by the employees – whether in the office or a remote setting – should be bought from reliable dealers as there are numerous cases where the hardware is pre-installed with malware. Quarantine the new hardware and check it for bugs before using it in your business.
Before allowing the employees to use hardware, your IT department must blocklist websites that can bring cyber threats. If any repair is required, the hardware should only be sent to trustworthy parties.
Software must be bought from developers and not downloaded from dodgy sources to prevent malware attacks. Installation of additional software should require administrative rights to block employees from downloading malicious content. In addition, update your software regularly to patch the known vulnerabilities.
Issue required permissions
Permission to access the organization’s databases must be granted on a need-to-know basis. In short, if employees need the information to perform their job, share it; otherwise, don’t. New employees might also need official email addresses and new IDs to access shared software.
Password-protect software and database access. Passwords are your first defense in the cyber world. Most of the time, employees are required to change the password set up by the IT department when their IDs are created.
However, employees tend to go along with the same password and create vulnerabilities. Ensure that your new employees use their own passwords instead of generic ones and that their passwords are strong.
In organizations where information is imperative, confidentiality agreements are given to the new employees to sign. These confidentiality agreements must be written with legal help as they are binding on both parties.
Ensure that any agreements with their previous employers do not bind the new employees. For example, some organizations have contractual agreements with their employees that they will not share client details with outside parties.
Conduct security training
This is by far the most important aspect of onboarding employees. Every organization has a different cybersecurity policy, and training helps convey it to employees. Some of the important aspects to be covered in training are given below.
Cyber risk prevention guide for offboarding employees
Figure: Cyber risk prevention guide for offboarding employees
Offboarding oversees the employee experience after the conclusion of their employment with the company. Offboarding encompasses all of the actions required to properly part ways with an employee after their resignation, termination, or retirement.
When done correctly, a straightforward offboarding procedure promotes a smooth transition for both the firm and the departing employee. It also plays a critical role in risk management, as employees can have access to a lot of information during their tenure. Remote work has added some more challenges to an already difficult task.
Cybersecurity risks involved in the offboarding process include
- Data breach – Intentional or unintentional damage to the database by using the login credentials given to them while working.
- Compliance violations – There are compliance violations when there is a data breach. Disgruntled employees – present or former – might use their positions to cause damage to the organization by leaking the data. This can lead to major compliance issues.
- Reputational damage – Data breaches can cause significant damage to the reputation of the organization. Customers might think twice about buying from an organization whose data has been compromised.
Although the offboarding process differs in every organization, here are some of the absolutely necessary steps for maintaining cybersecurity while offboarding employees.
Repossess the organization’s property
Employees are given organizational property to perform their duties. There must be a list of all the hardware and other properties given to employees, and they should all be collected at the end of the employee’s tenure.
The hardware should be checked for any malware that might have been installed while the employee was using it. Also, if there are any repairs needed, they must be done soon. If the hardware is damaged beyond repair due to the employee’s negligence, it should be deducted from their salary due.
Remove permissions and delete accounts
This is the most important step for cybersecurity, and organizations often overlook it. Employees are given permission to access the organization’s databases and applications. When they leave, these permissions should be rescinded; otherwise, they can be used to steal data maliciously.
Account IDs created for the employees to use the software should be deleted; otherwise, ex-employees can use the company software for their own purposes, which often have malicious intentions.
Monitor and audit employee activities before leaving
Most organizations mandate a notice period for employees. Sometimes, employees use this notice period to cause harm to the information system or steal data that can be used to further their careers.
These acts are not only immoral but also illegal. When an employee leaves the organization, and especially when they leave with a grudge, appropriate audits must be conducted to verify whether the departing employee has downloaded an unusual amount of data, inserted malware into the information system, or done anything they would not do under normal circumstances.
Reset shared passwords
There are many accounts, such as Wi-Fi networks and accounting software, where multiple employees share passwords. These passwords must be changed as soon as one of the employees leaves the organization. Many times such passwords are set according to a predetermined pattern, like a combination of employee name and ID number. If any employee leaves the organization, these patterns must be changed too; otherwise, they can guess another employee’s password to enter the organization’s information system.
Prevent email forwarding
A common hack used by departing employees is to forward the organization’s emails to their personal email addresses. This will keep them in the loop even after they have left the organization. The IT department must ensure that the leaving employee has not used this trick on any of the organization’s email addresses or other employees’ email addresses.
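The account-removal and email-forwarding checks described above can be run as a reconciliation step against exports from HR, the directory and the mail system. The following is an added example (not code from the original post or from any vendor tool); the departures list, account export, mailbox rules and the `example.com` corporate domain are all constructed for the illustration.

```python
"""Offboarding reconciliation check (added illustration; all data below is constructed)."""

# Assumption: the organization's own mail domains; anything else counts as external.
CORP_DOMAINS = {"example.com"}

# Constructed HR feed: who has left and their last working day (ISO dates).
DEPARTURES = [
    {"user": "alice", "last_day": "2024-03-29"},
    {"user": "bob", "last_day": "2024-04-05"},
]

# Constructed directory export: account state and group memberships per user.
ACCOUNTS = [
    {"user": "alice", "enabled": False, "groups": []},
    {"user": "bob", "enabled": True, "groups": ["finance-db-readers"]},
    {"user": "carol", "enabled": True, "groups": ["hr"]},
]

# Constructed mailbox-rule export: rules that forward a copy of incoming mail.
MAIL_RULES = [
    {"mailbox": "bob@example.com", "name": "keep copy", "forward_to": "bob.home@mail.example.net"},
    {"mailbox": "carol@example.com", "name": "to team", "forward_to": "hr-team@example.com"},
]


def lingering_accounts(departures, accounts, today):
    """Users whose last day is before `today` but whose account is still enabled.

    ISO dates compare correctly as strings, so no date parsing is needed.
    """
    gone = {d["user"] for d in departures if d["last_day"] < today}
    return sorted(a["user"] for a in accounts if a["user"] in gone and a["enabled"])


def external_forwards(rules, corp_domains):
    """Rules forwarding to an address whose domain is not one of the org's own."""
    hits = []
    for rule in rules:
        domain = rule["forward_to"].rsplit("@", 1)[-1].lower()
        if domain not in corp_domains:
            hits.append((rule["mailbox"], rule["forward_to"]))
    return hits


if __name__ == "__main__":
    print("enabled accounts of departed users:", lingering_accounts(DEPARTURES, ACCOUNTS, "2024-04-08"))
    print("rules forwarding outside the org:", external_forwards(MAIL_RULES, CORP_DOMAINS))
```

In practice the three inputs would come from the HR system, the directory and the mail platform; the two functions are the part worth keeping, since they flag an account that should have been disabled and a forward that leaks mail outside the organization.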
Notify the organization’s stakeholders
An employee is a representative and, in many ways, an agent of the organization. They represent the organization when communicating with suppliers, customers, shareholders, or even other employees. Therefore, if the employee leaves the organization, these stakeholders must be informed.
They should know the exact date from which they are leaving and the circumstances under which they are leaving the organization. It helps the organization to protect itself in many ways.
What has cybersecurity to do with an exit interview? Well, nothing as such, but HR can gauge the employee’s feelings in the exit interview. This helps them know whether the employee is unhappy and likely to cause damage to the organization. If HR thinks that is the case, they must promptly inform the IT department.
Any little change in an organization’s setup, including onboarding and offboarding of employees, can create cyber vulnerabilities. Cyber hygiene is not just about having a strong password, it extends to many other areas as well. We have discussed procedures to be followed while onboarding and offboarding employees for cyber risk prevention.
Every organization faces the challenges of cyber risks while onboarding and offboarding employees. However, if done in an appropriate manner, the organization can prevent these risks from becoming attacks. Book a demo with Srut to know more about the role it can play in the cyber risk scenario.
Onboarding is the process of bringing new employees into the organization or transferring existing employees to a new role. It often brings cybersecurity risks, as the employee is put in a new environment.
Some of the most common cybersecurity risks associated with onboarding and offboarding employees are data privacy violations, non-compliance with security policies, and regulatory violations.
Some of the most effective ways to prevent privilege misuse are user access reviews, least privilege methods, and regular audits.