Careless “Offboarding” Leaves Gaping Cybersecurity Hole

Insiders are the most common source of organizational breaches. That fact is well understood at this point, but a crucial subset of that broad category is often overlooked, according to a post in the SecurityIntelligence blog. That subset consists of former employees who, on account of lax offboarding, can remain insiders with respect to cybersecurity, sometimes for years, increasing the chance they may become not only the perpetrator, but also the victim of a breach. In most cases the problem boils down to who in the company has been delegated to handle the offboarding process. Typically, it’s the human resources department, on its own, but that’s a dangerous mistake, the writer says. IT and cybersecurity personnel need to be involved, as well.

This post includes a checklist of offboarding security protocols. Also a link to a recent Ponemon Institute/ObserveIT/IBM study that breaks down the types of insider breaches and quantifies them in terms of frequency and cost. Those are alarmingly big numbers, and they are trending higher.