Step 1: Credential Revocation and Access Control
If an employee’s departure is planned and occurs under friendly terms, the IT department should have a standard account deprovisioning process. This should follow a predetermined timeline, usually set to culminate with the employee’s final day of work. During this period, the employee should be informed about the offboarding process, including the schedule for revoking access to email accounts, institutional networks, databases, VPNs and any other digital resources.
Under this standard process, the IT team collaborates with HR and the employee’s department to ensure a smooth transition, allowing for the secure transfer of work documents, projects and any institutional knowledge necessary for operational continuity. Tools like Okta or OneLogin can be used to schedule the deactivation of accounts, ensuring that access concludes with the employee’s tenure. This organized and respectful approach not only maintains security but also fosters goodwill, enhancing the institution’s reputation as a desirable workplace.
Some terminations are not amicable, however, and those require immediate action. The IT department must implement an emergency revocation procedure that involves the instantaneous deactivation of all of the employee’s access credentials across the university’s systems. Immediate action minimizes the risk of retaliatory actions or data breaches, which are heightened concerns in such scenarios.
Under these circumstances, real-time synchronization and access control tools are not just beneficial, they are crucial. Platforms like Okta or OneLogin facilitate immediate, systemwide revocation of access, precluding the potential for maliciously compromised data or systems. Additionally, the IT department should conduct a prompt audit of all digital access, ensuring the former employee hasn’t created any backdoor entry points. This emergency process, though necessary only occasionally, underscores the need for robust security protocols that can respond swiftly to high-risk situations.
Step 2: Comprehensive Data Management and Archiving
The next phase involves managing the digital footprint left behind by former employees. IT personnel should work with representatives from the departing employee’s business unit to comb through files, emails and other data forms, identifying information that requires preservation. This task can be daunting but is crucial for maintaining operational continuity and complying with legal and institutional data retention policies.
Document management systems can automate part of this process, enabling the university to uphold data retention standards without the burden of manual sorting. If the employee’s department uses a document management solution, IT can configure that system to classify, retain or purge files based on the institution’s policies, ensuring that no essential data is lost and that all legal obligations are met.
Step 3: Assessment of Licenses and Subscriptions
Departing employees often leave behind a trail of licenses and subscriptions for various software and online services used during their tenure. IT departments must undertake a thorough reassessment of these digital assets to determine which licenses remain necessary, which can be reallocated and which should be terminated, based on current and anticipated needs.
Tools like CDW ServiceNow’s asset management solutions can provide invaluable support in this area, offering a comprehensive view of all software licenses, their assigned users and usage levels. This not only ensures efficient reallocation or cancellation, aiding in compliance with software licensing agreements, but also presents an opportunity for cost optimization.
Step 4: Secure Device Retrieval and Inventory Update
Hardware retrieval is an aspect of offboarding that requires as much diligence as digital access revocation. All devices issued to employees — laptops, tablets, smartphones, ID cards and more — must be returned, thoroughly inspected and wiped of sensitive information before they are reassigned or decommissioned. Overlooking this step could result in a severe data security breach.
An asset management solution such as CDW ServiceNow enhances tracking and management of physical devices, ensuring each piece of hardware is accounted for and inventory records remain up to date. This systematic approach not only secures data but also optimizes resource allocation and utilization.