When an employee leaves a company there is a lot of work to be done to ensure a smooth transition for whoever will take their place, however one of the procedures that is often overlooked is the reclaiming or wiping of company IT. There are plenty of reasons to have a firm company IT policy in place as there could be financial, logistical and privacy issues on the departure of an employee.
If the individual’s exit from the company is due to disciplinary measures then there could be further problems, especially if you operate a bring-your-own-device (BYOD) system with software installed. We will look at some different scenarios that you should be aware of, showing you the need for a strong company IT policy ensuring your business is covered for any eventuality.
If an employee leaves the business and does not return their devices it’s very easy for management to either forget about them or give up on ever getting them back as it would be too difficult. This is not a good attitude to have as it can be more detrimental to the company than you’d first think. The most obvious damage that it can cause is a financial one. If you don’t keep track of hardware, then eventually it will need to be replaced. Although some of the technology will have no real value in terms of resale, if somebody else requires a device, a new one will need to be purchased. This costs money. What’s more, there will probably be a period of time where you’ll be short of hardware until you can replace the missing one.
A company laptop, for example, will no doubt have private data about the business stored on the hard drive. If this is allowed to leave the confines of the company, you run the risk of surrendering your data too. This is not to say that the employee will be directly responsible for any privacy breaches, however if they pass on or sell the device and do not wipe the hard drive correctly, others may benefit from your company’s information.
If the devices are able to connect to company systems, ex-employees may still be able to access information after their employment has ended. They may have passwords to online services and SaaS accounts stored in browsers too, which means they will still technically have access. This can still happen even if hardware isn’t taken by employees, so be sure to cancel any accounts or shut down users after they leave the company.
Software licencing may also be invalidated if installed on a device, as once the product is used outside of the company contract, then it has been breached and the company is liable. If an employer moves to a rival company and takes, say, a mobile phone with clients contact numbers stored on it, this could potentially lead to lost business. Ensure all information, data and intellectual property is surrendered by employees on leaving the company.
There is a certain way to dispose of old technology and if a business doesn’t take care when disposing of their hardware, then they run the risk of having data stolen. When a piece of technology is left to an ex-employee there is no guarantee that they will dispose of it correctly when they have finished with it. For more information on this, see our post on disk destruction and data wiping.There are also environmental guidelines for correct disposal of electrical equipment. If your equipment is found to have been thrown away incorrectly, it may be traced back to the company who will then be responsible.
Get a Company IT Policy
By establishing a company IT policy you can avoid any conflict or confusion long in advance when it comes to reclaiming company hardware. With the rise in popularity of BYOD in the workplace, management’s jurisdiction becomes even more complicated. Set out clear guidelines that all employees can agree to and avoid any unpleasant situations.