State and Federal laws – intended to protect your electronically stored information – apply not only to hackers outside the company, but to former employees and contractors.
The results of a recent study of more than 900 IT security professionals by Dimensional Research shows that common security best practices – such as timely removal of access to corporate data and applications, dormant account identification, and role administration – continue to be a challenge and concern for organizations worldwide.
Only 14% of survey respondents said they remove access for users immediately upon a change in employment status, while only 9% are sure they have no dormant accounts. Incredibly, 84% admitted that it takes a month or longer to discover these open doors.
To better protect your business, establish, maintain and monitor employee access to databases and other company assets. Ensure that all access credentials are promptly revoked at termination and when employees change roles within the organization. This policy should be extended to temporary employees and outside contractors as well.
Further, your employment and contractor agreements should specifically identify post-employment restrictions to any company related electronically stored information. And there should be a mechanism in place to flag such unauthorized logins for auditing and follow-up purposes.
Unauthorized data access by former employees and contractors can hurt your business and expose it to costly litigation… DataLink can help you set up best practices to safeguard what counts. Contact us today: (410) 729-0440 | Email