This checklist from goptg.com will help associations ensure they are protecting their data during what is typically a stressful situation – employee termination.
- Disable and change all passwords for Windows Domain accounts.
- Disable email access.
- Remove access from any 3rd Party applications (whether they’re on-premises or in the cloud).
- Change password or remove access from websites with company information.
- Change password or remove access from any applications or website that publish as the company or clients (like a company Twitter account).
- Remove VPN access.
- Remove building access including any key card access to doors. If your building uses door codes, disable or change their code.
- Remove access to any tokens issued for access to applications (like two-factor authentication apps).
- Wipe company information from any employee-owned devices that were used to access company data (even if your company doesn’t have a Bring Your Own Device policy, it’s likely they still used a cell phone to access email). If you don’t already have a mobile device policy in place, you need to get one in place now.
- Account for all company-owned equipment owned by the company with an inventory sheet.
- Account for software licenses designated for use by the employee and redistribute as needed.