Skip to content

Employee Leaver Process: A Manager's Ultimate Guide To Secure IT Offboarding

Most companies have a polished onboarding flow but a fragile offboarding process, and that's where the security risks live. Here's how to fix it.

Eric Ryan
Talk to us
· Updated ·6 min read
Illustration of two colleagues shaking hands over a signed document with a logout icon, framed by secure-access, locked-folder and shield icons.

The past few years have been turbulent, with staff turnover and the rise of remote work at an all-time high. Most companies will have noticed the impact of ‘The Great Resignation’, or had to make difficult redundancies in response to the pandemic and the cost-of-living crisis. With employees changing jobs more frequently, are you sure your employee leaver process is robust enough to combat the security risks that come with IT offboarding?

The likelihood is it’s probably not, which leaves your business exposed to potential cyber attacks and data breaches. And the numbers from research conducted by Beyond Identity are sobering:

83% of employees keep accessing old accounts Still accessing accounts from previous employers after leaving. Beyond Identity research

Worse still, 56% say they’ve used that continued access to harm a former employer, turning a loose offboarding process into a direct business risk.

Picture this: one of your employees has handed in their notice. You get busy with the exit interview, collecting access cards, advertising the job, interviewing candidates, organising a leaving present. But have you ever thought about the technical side of employee offboarding?

Neglecting to properly remove former employees from accessing your systems and applications is where the major security issues with offboarding lie. So next time one of your team decides to pursue another opportunity, make sure your cyber security is front of mind, did they ever really enjoy team drinks anyway?

The major risks to your security when employees leave

Whether your employee leaves the company on bad terms or not, an unreliable leaver process can expose you to a number of IT security and financial risks that can end up damaging your reputation. Here are the major threats you face without secure employee IT offboarding:

What's at stake

  • Data breaches

    A former employee with access to confidential data could sell it on the dark web or accidentally expose sensitive records.

  • Damage to your reputation

    Disgruntled employees with access could abuse your brand, imagine a mass email going to all clients with harmful content.

  • Cyber-attacks

    Ex-employees can sell company data or passwords for financial gain, leaving you vulnerable to professional cyber criminals.

  • Compliance violations

    Regulators can issue substantial fines for breaching data-protection rules, financial loss plus loss of public trust.

The risks of an unreliable leaver process: a short case study

A real-world case

In 2018, Pagosa Springs Medical Center, a critical access hospital in Colorado, USA, found themselves at the centre of a serious HIPAA violation. A terminated employee was not properly offboarded, they retained remote access to the medical centre’s calendar system, which contained the confidential medical information of at least 557 individuals. The fine: $111,400.

HIPAA (The US Health Insurance Portability and Accountability Act) calls out the need for a formal offboarding process under the security rule section: “Implement procedures for terminating access to electronic protected health information when the employment of a workforce member ends.”

HIPAA is just one standard that can be violated due to improper offboarding. There are many similar regulations globally that carry similarly serious consequences for non-compliance.

Best practices for a seamless employee leaver process

So, you’ve heard how detrimental improper IT offboarding can be. But how exactly do you make sure your business is secure when employees leave?

The five pillars

  • Onboard correctly

    Start with least-privilege access and a Privileged Access Management solution, what isn’t granted doesn’t need revoking.

  • Communicate with HR

    Cross-departmental visibility on resignation, last day, return-from-leave and contract renewals.

  • Find the right identity partner

    An IdP that supports automated deactivation, instant revocation, and easy re-activation.

  • Keep a list of technical assets

    Laptops, monitors, mobile devices, headphones, USBs, software licences, domains, track every asset to every employee.

  • Recover and repurpose securely

    Back up business data, wipe with NCSC-approved erasure software, redeploy to new starters.

Your quick checklist for offboarding employees securely

There’s a lot to keep on top of when an employee leaves, and if multiple employees are leaving each month, that’s a lot of admin. So how do you keep on top of it all?

Use this checklist as a key step in your employee leaver process:

  1. Track employee exit dates

    Establish a routine for IT and HR to communicate clearly about exit dates. It ensures company-owned devices are returned and the departing employee has no access to company systems and sensitive data.

  2. Block account access

    Maintain a full list of systems the departing employee has access to, devices, applications, customer databases, cloud systems. Transfer ownership where needed. Block remote access and terminate VPN.

  3. Revoke email access

    The employee’s inbox likely contains critical contacts, valuable data, and sensitive files. Revoke email access on the last day. Wipe locally-synched emails from personal devices. Remove Teams and internal app accounts.

  4. Update shared passwords

    Sereno’s IT teams often see employees sharing accounts, we discourage this practice. If it’s happening in your organisation, rotate the passwords on every shared credential at departure.

  5. Record IT assets

    Draw up a list of IT assets and hardware linked to the leaver. Include laptops, PCs, mobile devices, peripherals, and user accounts (social media + job-specific).

  6. Examine IT assets

    A careful examination on return reveals damage or security risks. Remove sticky keys, deep-clean devices so they’re ready for the next user.

Employee Leaver process checklist

Secure employee IT offboarding with Sereno

So now you know all about what makes a secure employee leaver process, but how do you actually implement it?

That’s where we come in. At Sereno we’re obsessed with cyber security, meaning we’re here to offer you all the help and support you need to keep your systems secure when employees leave.

We remove 80% of the work involved with an employee leaving, so you don’t have to stress about disgruntled leavers or unwiped devices.

— Our promise to managed partners

Initial IT audit & your bespoke offboarding checklist

When we first bring you onboard as a new partner, we audit your entire IT environment. This enables us to learn everything we need to know about your systems, apps, and tools. Once we have this information, we create a thorough offboarding checklist customised to the needs and setup of your business, think: an advanced and personalised version of the checklist above, just for you.

Once created, we run through it with you to check everything’s covered and you’re comfortable with our responsibilities. After this, you shouldn’t see your offboarding checklist again, because now we’re responsible for checking every box.

Your employee offboarding form

Now that we have the information, we create your employee offboarding form. Like your checklist, this is bespoke to you. The form lives in our Partner Portal and includes information specific to your setup and process, who’s leaving, when, where their mailbox is being redirected to, the status of their devices, etc.

Sereno IT employee onboarding and offboarding portal interface, showcasing streamlined service request forms for starters and leavers.

Continually improving your leaver process

Whilst you’re partnered with us, we continually provide recommendations to keep improving security and efficiency. Examples include:

  • Restricting employee permissions based on role, so they only ever have access to what they need
  • Fully managing your assets, so you control how employees use their devices
  • Centralised user profile management for fast revocation
  • Single Sign-On (SSO) so revocation is one switch
  • A password manager so shared credentials can be rotated instantly
  • Remote device wiping so devices can be wiped wherever they are

Offboarding employees effectively is crucial to maintaining security and business continuity. The good news is you can trust Sereno with it. Our process means all you need to do is fill out one form and hand everything over to us. Our rigorous process and trained security engineers mean you can be sure employees are offboarded safely and punctually.

To find out more, or to switch your IT company, please contact Sereno at 0203 089 01 41 or at hello@serenoit.co.uk.

Share this article

Written by

Eric Ryan

Part of the Sereno IT team helping growing UK businesses make confident, jargon-free technology decisions. Read more business operations guidance in our Business Operations library.

Scaling Operations & IT Maturity

Ready to take the next step?

Friendly, no-jargon guidance from the Sereno team. Tell us what's going on with your IT, we'll tell you what to do about it.

Plan smoother IT operations