The results of a recent lawsuit shine a light on the danger of not immediately disabling user logins when an employee leaves a company.
Ticketmaster was told by the courts it must pay competitor CrowdSurge 10 million dollars after it hired a former CrowdSurge employee and pressured them to use their still-working login to expose company secrets. Ticketmaster was so bold as to demonstrate how CrowdSurge systems work using this login at a company summit!
This may seem like an extreme example, but it’s important to consider what kind of information any employee can access with their logins. Financial information, proposals, quotes, employee personal information, technical drawings, systems used for the day-to-day company operations, all these and more can be found in employee mailboxes, file shares, and other resources.
This isn’t the only threat of still-active accounts. Disgruntled former employees deleting or altering data, or using a company email to harm the reputation of their former employer, is unfortunately common.
Even without malicious intent, these orphaned logins pose a security threat by their very existence. Forgotten accounts provide an avenue of attack for hackers to enter the system unnoticed. If no one is monitoring these old accounts, a hacker can do a lot of damage before anyone notices what happened.
The way to deal with this risk is simple. If an employee leaves unexpectedly, notify IT (or Birmingham Consulting),and have their accounts disabled immediately. Any information or resources can easily be transferred to other users. If an employee’s end date is known, let your IT know to schedule an account lock out immediately upon the departure of the employee. Avoid sharing passwords completely. Shared passwords are frequently overlooked when old accounts are disabled.
Follow these steps and rest easy that your passwords aren’t walking out the door.
- Written by Jesse Ross
