How to Handle Employee Termination for IT Compliance?
for terminated employee leads to audit finding, and potential breaches. During the COVID-19 breakout many employees transitioned to work from home schedules. Many employees and contractors will carry on working from home even after the pandemic subsides. In this rapidly changing work dynamics, organizations of all sizes should examine their employee termination process. As soon as the decision to terminate an employee has been made, IT admin should receive a near real-time notification. IT admins are typically responsible for securing data, managing access to resources and maintaining permissions and access rights policies across the assets.
In our research we found that organizations with employees between 250 to 1500 display varying degree of . Unsurprisingly, a large percentage of companies and non-profit organizations have manual deprovisioning where the onus of timely withdrawing employee access across systems and databases is spread across the reporting manager, HR, IT administration.
Based on our experience configuring our SaaS product to help SMB companies manage employee termination, we recommend the following:
Use a software that automates termination workflow between HR system and downstream systems. Many of our customers use easy integration with service management systems such as Jira, ServiceNow to open deprovisioning tickets. Others prefer to use our Active Directory connector to deprovision employees.
Refer back to the to know what system the terminated employee had access to. Unless your organization has done periodic evaluation of employee entitlements, there is no way to know with 100% surety what access the employees enjoyed beyond just what his role allows.
SecurEnds recently hosted a tailored demo for a banking prospect. Their main use case was employee provisioning and deprovisioning. They were looking for an easy-to-use solution that empowers business managers to make entitlement decisions for their employees and drive the deprovisioning. Currently, the . Although provisioning was inefficient leading to access delays for the new hire, deprovisioning was the biggest concern as IT was not always notified in a timely fashion when HR terminated the employee. As it turned out, this prospect needed a workflow that tied JML events to their JIRA ticketing system while logging the changes for audit trail. Simple. We agreed that a real time connector was a future thing.
achieve IT controls and compliance. Our lightweight, highly configurable and industry first flex-connector product can be earliy deployed on your on-prem. Our product an easily bolt on to your existing single -sign-on solution to make a comprehensive end to end identity management solutions. In only 30 minutes we can why our SAAS software is now a leading choice for identity governance
Author Signature :
SecurEnds is an information security company headquartered in Atlanta, Georgia which helps to reduce security risk and costs by automating identity governance & access control. ..