Onboarding and Offboarding: The Role of IT Pros

Last year, Twitter employees became spear-phishing targets, with hackers getting their hands on user credentials by pretending to be company IT administrators. Approximately 130 private and corporate Twitter accounts with at least a million followers each were compromised.

Consequently, a former Cisco employee gained unauthorized access to the company’s cloud infrastructure and deployed malicious code that deleted 456 virtual machines used for Cisco’s Webex Teams application. The company spent $1.4 million in employee time to repair damages and another $1 million in reparations to affected users.

These two real-life examples of data breaches show us the price organizations have to pay for poor employee onboarding and offboarding.

IT professionals have a greater role in employee onboarding and offboarding programs because of the growing reliance on technologies like SaaS applications for storing data, other cloud technology and the intricacies of remote working. IT pros need to work with their HR teams to build an employee onboarding and offboarding program that is consistent and robust.

DevOps Unbound Podcast
An image representing onboarding and offboarding.

What Is Employee Onboarding?

Employee onboarding is a series of tasks that help the chosen candidate become an integrated and functioning member of the organization. Good employee onboarding goes beyond conventional paperwork. It should provide the tools and resources new employees need to become satisfied and productive team members quickly.

A good employee onboarding program maximizes productivity by outlining job and organizational expectations, reducing errors, and saving time and frustration. It invariably reduces business risks since new employees will be aware of the company’s data protection policies and other practices.

A standard employee onboarding program should include the following:

  • A profile of the organization
  • Policies, procedures, rules and regulations (including IT policies)
  • Employee benefits
  • Health, safety and environment
  • Department functions and their assigned duties and responsibilities

Employee Onboarding: Best Practices

These best practices will help you get the most out of your employee onboarding program, help support new employees and steer them in the right direction.

Build onboarding workflows

Establish and document the onboarding process to ease the burden on your IT team and other cross-functional team workflows. The employee onboarding workflow should mention member details along with their permission levels. Encourage IT admins to use role-based access for users and third-party applications relevant to the onboarding process.

Involve senior leaders

The responsibility of onboarding should not fall entirely on the shoulders of the HR team. Instead, it should be shared by the entire organization, including senior leaders – especially IT leaders. Involving a senior leader like an IT manager helps new hires understand the IT policies, the do’s and don’ts of data management, and their responsibility in protecting critical data.

Conduct one-on-one meetings

IT pros should conduct regular one-on-one meetings with a new employee to foster a positive and productive relationship with the IT team. Your first one-on-one meeting should occur on the first day and include a security awareness training workshop. This helps make data protection a habit, and eventually, a part of the organizational culture, thus creating less trouble for the IT team.

What Is Employee Offboarding?

Employee offboarding is the strategic process of disengaging an employee from your workforce. In other words, it initiates the formal separation between the employer and the employee. The process begins with an exit interview conducted by the HR team.

Although the HR team is the one that initiates the offboarding process, IT pros are the ones that need to see it through till the end. Bad exit interviews can turn any outgoing employee into a malicious insider.

The exiting employee could use their privileged access to bypass security infrastructure and steal precious data. These types of breaches are expensive considering mitigating the consequences of malicious activity costs $760,000 on average.

Employee Offboarding: Best Practices

These best practices will help you get the most out of your employee offboarding program and make the employee-employer handoff seamless.

Initiate the knowledge transfer early  

The knowledge transfer process involves documenting tasks and responsibilities of the outgoing employee to ensure the next person in their role does not have to start from scratch. The IT team should create a work documentation system and make it a part of the duties of the new hires right from the onboarding stage in order to facilitate smooth business operations and uninterrupted productivity.

Blocking access and recovering company assets

IT pros should take extensive measures to lockout the employee from virtual and physical company assets. On your exiting employee’s last day, remove the employee’s user account from any relevant systems like Microsoft 365, Google Workspace or Salesforce, and change the passwords on any shared accounts. Additionally, collect company-issued devices such as phones, laptops, uniforms, keys, ID badges, bags and security cards as well.

Don’t forget to back up

Back up all the information about the outgoing employee – first day to the last. This is vital for legal and compliance reasons. For instance, if a former employee makes a legal claim against your organization, your legal team will need to review the onboarding and offboarding records to ensure you are covered against any legal action.

When All Else Fails, Spanning Prevails 

Even with the best onboarding and offboarding programs, you could still lose your data to either negligence or malicious insiders. Since data loss is virtually inevitable, what you need is a solution that mitigates the risks of data loss.

Say hello to Spanning!

Spanning’s cloud-native, purpose-built solutions for Microsoft 365, Google Workspace and Salesforce protect your organization’s critical data from loss caused by human error, malicious behavior, ransomware, malware attacks and sync errors, to quickly find and restore data to its original state in just a few clicks.

Learn more about Spanning Backup

*** This is a Security Bloggers Network syndicated blog from Spanning authored by Spanning Cloud Apps. Read the original post at:

Integrated Security Data PulseMeter

Step 1 of 7

What percentage of your organization’s security data is integrated into a SIEM or data repository you manage? (Select one)(Required)