The Great Resignation meets the Great Exfiltration: How to securely offboard security personnel

“The Great Resignation” is a phenomenon that has greatly impacted how we work. As of August 2021, 65% of people in the United States were looking for a new job and 25% of them actually quit. With tens of millions of people shuffling around the workforce, there is another key asset organizations are at risk of losing: data.

People and data are, arguably, a company’s two most important resources, and while losing people is a challenge, losing both can be devastating to a business’s security and competitiveness. This is especially true for security personnel, as they often have unique privileges or access to data and information that other personnel may not. As a result, the Great Resignation has become the “Great Exfiltration,” as people leaving their jobs may also be taking company data with them.

Considering the Great Exfiltration, it is vital for organizations to create and implement a robust data loss prevention (DLP) strategy during the offboarding process to prevent any destruction or loss of data. This is particularly important with many organizations still working remotely, where the lines between personal and professional devices have become blurred.

That said, there are a few tactics that leaders can keep in mind while employing their DLP strategies during the offboarding process:

Automation is key when offboarding security personnel

Ensuring that the systems and procedures involved in the offboarding process are automated is a must. Having the ability to turn off an exiting employee’s access to all possible systems quickly and efficiently is most important, so they can no longer leverage company information after leaving. This can be done through automated processes, and they can be easily implemented within systems that use a protocol like Single Sign-On (SSO). With SSO, employees will only have one log-in for all their accounts, making it easier to quickly shut off this access by changing just one set of credentials.

Revoke network, email, administrator, general and cloud system access

For organizations that do not have a SSO method that can streamline this process, leaders should revoke network, email, administrator, general and cloud system access for exiting employees. Additionally, in the era of hybrid work, employers should take care to confirm that this also includes remote access.

This is one of the many reasons that identity, credential and access management (ICAM) – which ensures that the right person is accessing the right information, at the right time, for the right reasons – is so important as a security precaution during employee offboarding. By integrating this as a step into the DLP strategy, organizations can rest assured that their data is staying in the right hands.

Integrate DLP strategies for all employees

Crucial for offboarding security personnel, a DLP strategy should also be integrated into company-wide offboarding practices as a reminder to every departing employee that they still owe consumers proper data handling. While automation and additional revocations are important when it comes to safely offboarding ex-security members, the same DLP strategy should encompass all employees, no matter their role, and any third-party contractors that are extensions of the company’s staff. This is because people on different teams may have access to systems within the company that could shut down the entire enterprise if accessed inappropriately.

A company’s data privacy strategy starts with employees, and regardless of their intentions, training, or seniority, anyone could be a data privacy and security risk to the organization. This is why it is vital to not just have the DLP strategy in place, but to implement it as a key component of every offboarding process.

Because the Great Resignation is expected to continue, so will the consequences of the Great Exfiltration. Whether purposeful or inadvertent, such fallouts can be lessened and even avoided entirely by prioritizing DLP strategies and the above tactics.

While the importance of DLP strategies in offboarding security personnel is clear, these strategies can — and should — also go beyond the security profession. All organizations have data that needs to be protected, and such DLP strategies and associated tactics are a great first step toward implementing a safer, more secure offboarding process across an organization.