2/23/2009
10:46 AM
Keith Ferrell
Commentary

Layoffs: Close Security Doors Before Showing Employees The Exit Door

Security and system access issues must be addressed long before pink slips are distributed. Some observers, in fact, view laid-off employees as one of the biggest network and data security threats your company will face.

Nobody likes to let good employees go, but with layoffs an increasing fact of life in this economy, it's vital that you address system security issues before issuing layoff notices.

The cost of not doing so could mean that your company's data is headed for the door along with your former employees.

But before you can address those security issues, you have to know who has access to what.

Sounds simple and self-evident, yet a recent survey showed that close to 70% of IT execs don't have accurate access audits of their company's personnel.

Without such an audit -- thorough and regularly updated -- you run an enormous risk of sending a possibly disgruntled employee home who still has access to your network, customer records and other critical data.

And it's clear that our current economic climate is increasing the number of insider threats companies face.

Look: most employees, however emotionally affected by losing a job, aren't going to take any action against your systems. But all it takes is one former worker with an active password and a grudge to do serious damage.

How serious?

Take a look at these horror stories about system administrators who turned on their former employers.

Nor does the concern extend only to sysadmins and other tech staff. Any former employee with unclosed access is a potential vulnerability.

The matter becomes more complicated if, like many companies, you provide your employees with a few days' or weeks' notice before their last day.

If you're not running identity management and endpoint access controls, now is the time to make the investment.

Additionally, if you haven't performed a company-wide access and equipment audit lately -- or, for some of you, ever -- do so immediately.
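As an added illustration (not part of the original commentary), the access audit described above can start as a reconciliation of an HR roster against an account inventory, flagging enabled accounts of departed staff, privileged accounts held by staff serving notice, and accounts with no owner on the roster. The CSV layouts, column names, finding labels and sample rows are all constructed assumptions.

```python
import csv
import io
from datetime import date

# Constructed sample data (hypothetical layout): HR roster and account inventory.
HR_ROSTER = """employee_id,name,last_day
1001,A. Rivera,
1002,B. Chen,2009-02-20
1003,C. Okafor,2009-03-06
"""
ACCOUNTS = """system,account,employee_id,enabled,privileged
directory,arivera,1001,yes,no
directory,bchen,1002,yes,no
vpn,bchen,1002,no,no
crm,cokafor,1003,yes,no
database,cokafor_dba,1003,yes,yes
fileserver,svc_backup,,yes,yes
"""

def load(text):
    """Parse CSV text into a list of dict rows."""
    return list(csv.DictReader(io.StringIO(text)))

def audit_access(roster_rows, account_rows, today):
    """Return (finding, system, account) for every enabled account needing action."""
    last_day = {r["employee_id"]: date.fromisoformat(r["last_day"]) if r["last_day"] else None
                for r in roster_rows}
    findings = []
    for a in account_rows:
        if a["enabled"] != "yes":
            continue
        owner = a["employee_id"]
        if owner not in last_day:
            # Nobody on the roster answers for this account.
            findings.append(("NO_OWNER", a["system"], a["account"]))
        elif last_day[owner] is None:
            continue  # current employee, no departure scheduled
        elif last_day[owner] < today:
            findings.append(("DEPARTED_STILL_ENABLED", a["system"], a["account"]))
        elif a["privileged"] == "yes":
            # Still employed but serving notice with elevated rights.
            findings.append(("NOTICE_PERIOD_PRIVILEGED", a["system"], a["account"]))
    return findings

if __name__ == "__main__":
    for finding in audit_access(load(HR_ROSTER), load(ACCOUNTS), date(2009, 2, 23)):
        print(*finding, sep="\t")
```

The value of the report depends on the inventory covering every system that issues credentials; an account missing from the inventory is invisible to the check.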

With luck and determination your business will come through the economic crisis with minimal loss of staff.

It takes more than luck, though, to ensure that if you do have layoffs, your former employees can't take action against your company, your systems or your data.

It takes planning, preparation and implementation, and it requires them now.
