Are Departing Employees Taking Your Data with Them?

The offboarding process is seemingly straightforward: departing employees return all company property, including laptop, mobile device and building access card. However, they could be walking out the door with something far more valuable: your data. And without the proper precautions in place, you won’t know until it’s too late.

Because cloud-based technologies are scalable and convenient, many organizations have made them a central point of business operations. Solutions such as Salesforce started off as a CRM but have grown to manage the workflow and data of an entire organization. As a result, employees have access to a bevy of sensitive data such as detailed customer, prospect, ordering systems and financial information.

A white paper from Osterman Research revealed that 69 percent of organizations polled cited data loss when an employee leaves their organization. Employees may not intend to take data out the door in certain incidents, but some former employees are looking to gain a competitive advantage in their future endeavors.

Keeping Company Data Secure

Protecting your organization’s data takes a multi-layered approach. Here are six ways to proactively secure it.

Determine Where Your Most Sensitive Data Is

It is most likely that your organization uses multiple applications, third-party partners and an expansive workflow. Your data is probably not contained within a few secure systems. Conduct a comprehensive risk assessment to understand where you need to focus your security strategies. Knowing where your data is located and who has access to it will give you a foundation to build upon with other security tools and data protection strategies. Below are some questions to answer:

  • Who controls database access?
  • What regulations/laws do I need to comply with?
  • Who has access to what data?
  • Is my data secure when it’s not in use?
  • What sensitive data does my organization store, use and transmit?
  • Is my data secure in transit?

Policies and Pprocedures

Data security is every employee’s responsibility, so create transparent and explicit data security policy. This will help keep employees accountable for securing your sensitive information. Below are a few essential topics to cover:

  • Password Protection – Maintaining strong password protection to your internal systems will help prevent breaches. Of confirmed data breaches, 63 percent involve using weak, default or stolen passwords.
  • Data Privacy – Make sure your employees are fully aware of the laws they must comply with when handling your organization’s or customer’s data.
  • Email Usage – Ensure that your employees are trained to thwart social engineering tactics. The majority of cyberattacks originate from insider threats accessing a malicious email.
  • Mobile Devices – Creating a mobile device policy that requires employees to password protection and secure usage will reduce risk.

Application Monitoring

When you have determined the location of your most sensitive data, monitor who is accessing it and what they are doing with it. With the growth of cloud-based apps such as Salesforce, company data is oftentimes easily accessible within the application. Defending against insider threats requires monitoring user activity and using behavior analytics that provide insights into where, when and what insiders are doing. Gaining insights into your business-critical applications allows your security team to be proactive in detecting, investigating, mitigating and remediating security incidents. Monitoring technology will provide your organization with the ability to trust your employees but verify that they are not violating your acceptable use policies and putting your organization at risk.

For example, if a departing employee is exporting large amounts of company data from Salesforce, your security team can isolate the incident and prevent data loss or even a full-blown breach.

Physical Security

When an employee departs your organization, physical access to your network should be cut off immediately. Multi-layer authentication, requiring both a password and a physical token, to gain access to technology and organization perimeters provides an extra layer of physical security.


Put a well-defined sanctioning policy in place. Specific penalties should be defined for those who violate your Acceptable Use Policy. Tell employees that their activity is being recorded through monitoring technology and that they are held accountable for any misuse of the organization’s resources.


There are two ways to view employees: they are either your greatest vulnerability or your best line of defense. Implementing a culture of security and accountability will help secure your organization. Training on your acceptable use policies, monitoring technology, current cyber threats and sanctioning will aid in defining a strong culture of security.

Keeping Your Data

Departing employees sometimes take more than their favorite stapler with them when they leave. To protect your organization against insider threats, monitoring employee access to and activity within your network is essential. This enables you to act quickly when you detect suspicious behavior. User activity monitoring must be a part of a comprehensive approach to data security today.

Featured eBook
Seeing Red: Understanding Red Team Security

Seeing Red: Understanding Red Team Security

Cyberattacks are now the top risk to businesses, brands, operational functions and financials. According to a report from Sonicwall, there were more than 9 billion Malware attacks in 2017, with no signs that the attacks will slow down anytime soon. It’s not just malware. Cybercriminals have more attack vectors than ever before, with the internet ... Read More
Security Boulevard and CA Veracode
Chuck Burbank

Chuck Burbank

Chuck Burbank is the CIO and Chief Information Security Officer of FairWarning. He has overall responsibilities for FairWarning’s fast-growing Managed Privacy Services (MPS) business unit. Chuck joined FairWarning in 2012 after being a customer for many years and works closely with the management team to bring new MPS offerings to market.

chuck-burbank has 1 posts and counting.See all posts by chuck-burbank