Are You Sure Your Former Employees Won’t Stab You in the Back?

As a business owner, you've probably had the misfortune of letting a valued (or not-so-valued) employee go. The reasons might vary, but one thing is consistent: they're gone, and could potentially use their newfound residual malice to strike your business right where it hurts. How can you prepare yourself against former employees you may have once called "family?"

Almost Half of Employees Would Hold a Grudge if Fired
According to a Cyber-Ark survey, nearly half of all employees admitted that if they were to lose their jobs unexpectedly tomorrow, they would enact some form of terrible retribution on their former employer, like taking the company's data with them. These same employees have held down their jobs for years and felt secure about their current situation. Such a circumstance may suggest that the employer had done the employee wrong by firing them. It's only natural that, when prompted by the question, "if you were fired tomorrow," they would react in such a manner.

Whether the motives of these employees are justified or not isn't the topic at hand, but it does force business owners to consider the risk of irate former employees. If a flustered team member steals something like the office stapler or a few pens, it is of little consequence; but if they make off with a bunch of data, like database passwords, financial reports, or research plans, your business could be in for a real nasty treat.

Take it from Home Depot
IT sabotage from a disgruntled former employee isn't a hypothetical situation. In fact, there's a major real-world example of this recently happening with Home Depot. An incident where as many as 52 million credit card transactions were exposed. Apparently, there is more to this story than hackers breaching a firewall. It turns out that in May of 2014, Home Depot's former Senior Architect for IT Security was convicted of sabotaging the company's network.

Ricky Joe Mitchell is the former Home Depot IT employee. A more rigorous background check would have prevented this whole fiasco. According to Ars Technica, Mitchell has a history of doing this with other employers like EnerVest Operating:

When Mitchell learned he was going to be fired [...] he "remotely accessed EnerVest's computer systems and reset the company's network servers to factory settings, essentially eliminating access to all the company's data and applications for its eastern United States operations," a Department of Justice spokesperson wrote in a release on his conviction. "Before his access to EnerVest's offices could be terminated, Mitchell entered the office after business hours, disconnected critical pieces of...network equipment, and disabled the equipment's cooling system." As a result of his actions, the company permanently lost some of its data and spent hundreds of thousands of dollars repairing equipment and recovering historical data. It took a month to bring the company's office back online, costing the company as much as $1 million in lost business.

It's Your Responsibility to Protect Your Data
Preventing a catastrophe like this falls on your shoulders, and it is your responsibility to close every access point associated with your disgruntled former employee. Something of this magnitude is of the utmost importance. Before you let the employee go, you should start preparations for the upcoming fallout, just in case they get the bright idea to walk off with valuable information that might land them a job with a competitor; or worse, mess with the company infrastructure.

You have no idea what you can expect from a seemingly-normal former employee. Your best bet is to enact a standard set of procedures which will help you best combat the former employee, should they decide they want to take a memento of their time spent with your business along for the ride. Close off any access points which could allow the employee to take information from your network, and monitor your system for unusual traffic from that individual.

Of course, maybe they're just out to make a quick buck, too. A former employee might have been responsible for making company purchases, and could then use this authority to use company credit cards to purchase goods from vendors.You need to immediately let your vendors know that any purchases from this team member should be denied or void. Remember, your budget is on the line, and therefore, so is your business. You can't let a former team member be the reason that your budget is broken for the next several months.

How We Can Help
Directive can help your business make employee termination easier. We can't help you break the news, but we can help you ensure your network is secure from the terminated employee.

You can rest easy knowing Directive is watching your company's network, ensuring that each access point is protected against malicious intentions. All you need to do is let us know when the deed has been done, and we can lock them out of your network for good. If they try to use mobile devices, we'll block those too. If anything strange comes up, you'll be the first to know.

It might seem like a trivial thing, but failing to secure your network against a very real threat is just negligent. One single mistake can take down your entire company and livelihood. Protect the future of your company by calling Directive. We'll make sure unauthorized users stay out of your network. All you need to do is call 607.433.2200.