Top 5 Things to Do When Your Trusted IT Professionals Leave

insider threat cybersecurity

1. Ask for a Documentation Review

You should request for a documentation review of the systems so that the successor will understand how things work and will be able to carry out operations based on the documentation. If there are some temporary hacks or relaxed security settings (to keep the business running), it should also be highlighted in the documentation.

2. Change all the passwords! Yes, *all* of them!

IT admins use a lot of passwords. They may also know password hashes, DB credentials, application credentials, users credentials (users always tend to tell them) and many other passwords. It is important that passwords of all systems and users who came in contact with the ex-employee are changed.

3. Disable their accounts (Admin Accounts, Email Accounts)

Sometimes, if the system has a complex environment and you have changed all the passwords, something could still be overlooked. Disabling the account adds another layer of security to ensure that the person does not have access to your systems and networks. This also includes disabling emails as it’s possible for the ex-employee to mount an effective

Source:: elearnsecurity.com