Techie Turnover Doesn't Have to be Sour
Everyone knows that terminating a staff member usually involves some amount of sour worms. However, when that fired employee is a techie, they could take those sour worms and actually do something about it to harm your business.
Your Company Is at Risk
There’s no nice way to say this, so let’s just be clear: if your business employs IT staff, you’re at risk of techie turnover leaving you in trouble. Back in 2012, 74% of companies experienced this kind of turnover during just that year alone. Since then, there have only been more reasons for tech employees to leave their current company. Many develop skills during the process of serving their employer and eventually use them to find a higher-paying position elsewhere. Some will simply start their own companies.
A large number of them, though, have also seen their jobs outsourced. IT positions don’t always demand someone who speaks English as their first language. This makes it easy for companies to send IT jobs overseas and save a lot of money by doing so.
Whatever the reason, when you have techie turnover, you could be especially vulnerable. Though every employee has their role and is, to some degree or another, vital to their company, techies have very specific positions. Most of them are given access and capabilities that could nearly level a business. At the very least, a disgruntled employee could cause a great deal of frustrating problems before leaving the building (or even after, if you’re not careful).
That’s why you need to prepare for this eventuality now. The following are some cautionary steps every company that employs techies should take.
Get a Procedure on Paper
The first step you need to take is coming up with a procedure for when an employee needs to be terminated. This kind of thing is common practice and you can even find examples of various procedures online.
However, you’re going to need to make certain changes based on your specific company’s needs. Then, it’s important that you think about the techies you employ. Dealing with them will most likely be a bit different from dealing with other members of staff.
By having your procedure on paper, you greatly reduce the risk of human error leaving your company vulnerable. It’s as simple as that. These procedures should work as a checklist so that the person in charge of termination can go through and check every box along the way.
Obviously, with techies, the big thing is revoking all the access they have. Most employees will need their email revoked and perhaps some other type of software. Techies, though, usually have all kinds of access to various systems that could give them a lot of power if they decided to get a bit of revenge.
Each time a tech employee gains a new form of access, be sure to document this. Then, when they get terminated, go through this list of accesses and be sure they have been sufficiently revoked.
Confirm Access Has Been Revoked
While having your checklist and termination procedures should be a priority and can make a big difference all by themselves, don’t stop there. You need to make sure that their access was actually revoked, something that the person in charge of termination might not be able to do. Furthermore, this access has to be stripped before the employee leaves the building. If you let them get to a computer while they’re angry, they may log in and cause problems in a matter of minutes.
The best way to do this is by simply making it extremely easy to terminate access at a moment’s notice. It should be something that can literally be done with the click of a button.
Stripping someone of their firewall or VPN credentials should be just as easy as terminating their email access.
Audit Terminated Employees’ Access Attempts
What a lot of non-techies don’t understand is that there are usually a couple of ways to pull off any one objective in the digital world. In this context, that means that simply revoking access to a system may not actually be the end of your problems. A disgruntled techie could decide that they aren’t done with your company yet and try getting back in through a backdoor, so to speak.
This is why companies that have IT staff members need to put into place auditing procedures that will check for these various methods. Just because an employee is no longer coming to work every day doesn’t mean they can’t cause problems for you remotely.
If you find out someone is in fact trying to gain access to your company’s system despite having been fired, you can take this matter to the authorities. At the very least, though, you’ll have a better understanding of the nature of this kind of threat.
Holding Staff Accountable
Perhaps an even bigger threat is that a disgruntled employee could decide that they want back in so badly that they use somebody else’s credentials. It’s not uncommon for employees to share credentials with one another for all kinds of reasons. Once they’re fired, a techie might become so enraged that they put their former coworker at risk by using their sign-in to hurt your business.
They may have also planned for this day by hanging onto the credentials of an employee who left the company before them.
Either way, you need to audit your employees constantly. Again, if someone gets let go, get rid of their access immediately and look to see if anyone tries to use it again. Then, remind employees constantly about your policy on sharing passwords and unflinchingly enforce it.
As we mentioned above, one of the smartest things you can do is employ software that allows you to revoke access or change passwords whenever you want. The vast majority of techies—like any type of employee—is going to be an adult after getting terminated. However, it would take just one to cripple your company in a big way.