Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.
10 Tips for Maintaining Information Security During Layoffs
Insider cyberthreats are always an issue during layoffs -- but with record numbers of home-office workers heading for the unemployment line, it has never been harder to maintain cybersecurity during offboarding.
Business disruption and the financial toll brought on by the COVID-19 has forced many companies, large and small, to let go of staff. In fact, more than 40 million Americans have filed for unemployment in the past 10 weeks, with cuts hitting major companies including Boeing, IBM, and United Airlines.
While layoffs are never an easy scenario to deal with at any time, how well they are handled varies greatly, says Niamh Muldoon, senior director of trust and security EMEA with OneLogin.
"Early in my career, I worked on a case where a layoff process went horribly wrong and resulted in huge financial loss for the company along with a huge investigation, e-discovery, and a legal case," Muldoon says. "So, I urge organizations to invest time into properly planning for this unfortunate situation."
That includes the potential repercussions if a laid-off employee decides to retaliate and walk away with private corporate intellectual property (IP) or other sensitive data. And that's not unusual: According to a recent report on 2,000 US and UK employees from email security firm Tessian, more than one-third admitted taking company documents with them when they left a job. The data also revealed US employees are almost twice as likely to download, save, or exfiltrate work-related documents before leaving or after being dismissed from a job.
How can security managers ensure data doesn't walk out the door with a departing employee? Here are 10 recommendations to keep the layoff process secure.
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024