Handling Security Whrn Employees Leave
Employees come and go over time. One thing that is often overlooked when an employee leaves, is to secure their account.
All of the departing employee’s accounts need to have, at a minimum, the password changed. It is better, if possible, to disable the account so that no access is possible at all. I prefer to disable the accounts initially, and delete them at a later date, as sometimes when an account is deleted, files that are associated with that account are deleted. If the account is disabled, those files are not deleted. Rather, they are still accessible, though it may take administrative privileges to access them.
Obviously, if the departure is less than amicable, disabling access is even more important. However, unless there is an agreement regarding continuing access for the departing employee (such as them doing on-going work for your company), their accounts should always be disabled as a security precaution.
Additionally, email for that account should be forwarded to someone, so that crucial correspondence does not end up in a mailbox that is not being monitored.
After an appropriate amount of time, and it has been confirmed that all of the files, and correspondence, relating to that account have been properly dealt with, the account should be completely removed. Aliasing the email address used by the employee to a management person or a replacement person should be completed before the account is removed. Any customer and prospect contacts should not be lost.
Even in those cases where the departure is amicable, it is better to be thorough, and secure your system.