Do you have a policy in place to secure network access in case of voluntary or involuntary employee termination? We strongly recommend that businesses have a policy in place to remove access to network resources when termination occurs. In order to secure your data in the case of involuntary termination the terminated user accounts should have their password changed if the accounts cannot be disabled right away, email should get forwarded to the manager or appropriate person, remote access should be disabled, access to company shares should be removed, and finally any documents or files associated with the user account should be secured before termination. If the termination is voluntary a plan should be put in place to remove access in steps removing access to resources once the task is taken over by another employee.
I cannot reiterate the importance of “safe surfing” and a good anti-virus. Cyber Criminals as a whole make more money than all the anti-virus companies put together. They skirt the law, installing “quasi-legal” apps, Trojans, keystroke loggers and re-directors that will compromise your data and confidential information, and then sell this info at black market clearing houses to the real thieves. Every company needs a multi-tiered solution to help protect themselves from these threats. At a bare minimum, a company should have:
1) Strong passwords for users, that are changed on a regular basis
2) A good firewall appliance, and monitoring of the logs
3) A solid anti-virus software, being monitored by an IT professional
4) A company wide internet usage policy, with the “do’s and don’ts”
5) Continuing end user education, to help avoid phish scams and redirects
Thanks for letting me rant, and have a great day!
-Scott
