SlideShare una empresa de Scribd logo

Manage IT Access Best Practices

Liberteks
Liberteks
Tecnología
1 de 5
Descargar para leer sin conexión
Preventing Rogue Access Processes for managing IT access Best practices for onboarding new employees An exhaustive onboarding checklist Plus: Advice for regulated companies Intermedia and Osterman Research recently surveyed knowledge workers about their access to former employers’ IT systems. An incredible 89% of respondents retained access to at least one system—such as Salesforce, PayPal, email, SharePoint and other sensitive corporate apps. One of Osterman Research’s key recommendations for preventing this kind of access is to implement best practices for managing employee access to IT services as well as a rigorous IT offboarding process for departing employees. This document presents a template for bringing these practices to your company. It includes guidelines for setting up internal processes as well as specific actions to take when onboarding and offboarding employees. In addition, it includes recommendations specific to regulated industries such as financial services, legal services and healthcare. Find more tips for preventing Rogue Access—plus a white paper by Osterman Research—at Intermedia.net/RogueAccess Learn how Intermedia’s email, phone, file storage and single sign-on services dramatically reduce the risks of rogue access. Call (800) 379.7729 or email sales@intermedia.net. How to manage user access to IT services during employment—and after employment ends. 1 presented by
Best practices for tracking access to IT systems The first step to preventing unauthorized access by current and former employees is to develop a complete understanding of your IT landscape and the access privileges within it. IT systems access recommendations 1. Establish a security and compliance group within the company This group should monitor two key areas: 1) who has access to which IT services and 2) how information is being accessed and shared. You should build this group’s role into broader IT policies so that alerts can go out when a policy has been violated. This group should provide compliance and security training to employees on a quarterly/yearly basis. 2. Put in place a clear set of company IT policies. This includes policies on app usage, a list of approved sites and services and a list of approved software and apps that employees can use. Also, require that employees use company-provided logins for these apps instead of personal logins. 3. Provide role-based access to applications. Create a stringent approval process for all services, apps, and equipment that employees need. Employ two levels of approval for each request: approval from the employee’s direct manager, as well as a VP or account owner. Keep records in a centralized database, so you have a clear “paper trail” of all services and equipment given to each employee. 4. Create a central repository for admin logins and passwords. Don’t give users admin rights to their laptops. Instead, require employees to log tickets with IT to get access to download new software. 5. Eliminate shared logins/accounts. Assign accounts to one person whenever possible. If you have to use a shared account for budgetary reasons, make sure you rotate out the password on a monthly basis and employ strong password policies. 6. Conduct regular audits. Audit all your user accounts (LDAP, Active Directory, all apps) regularly. Have a single place for running audit reports and searching for users. Make sure you track all the apps being used—regardless of department— so you know who’s paying for them, who “owns” them, and what access and control IT has. Employee onboarding recommendations 1. Set up your accounts in Active Directory, and make sure all cloud apps are SAML authenticated. This gives you one central location to manage employee accounts. It also makes it faster and easier to provision and de-provision employees. 2. Use unique identifiers when creating new employee accounts. In the system in which you’re creating the account, fill an unused attribute field with the employee’s unique HR-assigned ID number. This way, if a user has different name listings (e.g. J. Smith, Joe S., etc.), it’s easier to find all the apps with which they are associated. 3. Maintain a distribution list to announce new hires. A distribution lists ensures that all key departments (Finance, HR, Facilities, etc.) are notified without fail when someone new is coming onboard. 4. Run a system audit when employees change departments. Make sure you de-provision access to anything the employee no longer needs in their new role. That way, employees always have access to only those systems and applications that they really need to do their jobs. Employee offboarding recommendations 1. Adhere to a strict employee offboarding checklist. A sample checklist is included in this document. 2. Maintain distribution list for terminations. Similar to your new hire distribution list, create a list that informs key departments (Finance, HR, Facilities, Legal, etc.) when an employee is leaving. 3. Direct the email account of a departing employee to his/her manager. Reroute the departing employee’s email account to their manager for the first 2-3 months so that important messages are retained and handled. 2
4. Terminate all employee accounts. It is critical to terminate every employee account to every service, both on-premises and in the cloud. If the employee is the primary contact for an online account or project, make sure that contact gets re-assigned. 5. Review the apps saved in your employee’s single sign- on portal. This is an excellent method for discovering apps that an employee may have provisioned or used without IT’s knowledge. (These “unknown” apps are the most likely to create the risk of post-employment access.) 6. Make sure to collect all company assets: laptops, phones, ID badges, software, etc. Also make sure you collect any external hard drives or company-owned equipment an employee may have used as part of a home office. Recommendations for regulated companies If you’re in a regulated industry such as finance or healthcare, you must put extra measures in place to ensure compliance with governmental regulations. Here’s a list of suggestions that regulated companies can implement to better control access to corporate accounts and data. 1. Eliminate access to outside email/internet. 2. Restrict access to certain sites/apps (e.g. Facebook) to read-only. 3. Only allow access to company-approved sites. 4. Require employees to use desktop machines or dummy terminals. 5. Don’t allow employees to take laptops or work computers home. 6. Remove the ability for employees to utilize USB or external hard drives to save data from their computer. 7. Implement an approval process for all outbound email. This may include requiring approval by a manager before email goes out. 8. Only allow work email and information to be accessed on company-issued mobile devices. About Intermedia Intermedia’s Office in the Cloud offers email, phone service, file sync and share, single sign-on, archiving and more. They’re all fully integrated, secure and mobile. And they’re all managed through our central HostPilot control panel. Our services thwart the ex-employee menace by making it simple to revoke access to the entire cloud footprint with just one click. Learn more at Intermedia.net/RogueAccess. CALL US EMAIL US ON THE WEB 1.800.379.7729 sales@intermedia.net intermedia.net Intermedia’s cloud IT services prevent Rogue Access. Learn how. 3
Employee Offboarding Checklist Employee name: Supervisor name: Department: Separation date: Item(s) to collect Done If No, explain Computer, laptop and any other company equipment Logins for all corporate and department apps All digital certificates, key files, and passwords, including any client certificates that may be used for identity verification and/or “signing” purposes Keys to any company building or equipment (file cabinets, company car, machinery, etc.) ID badge VPN key fob or card Actions to perform Done If No, explain Instruct employee to remove personal data from company devices and accounts within a clear timeframe. Inform employee that devices, files, accounts, etc. revert to the company after they leave. Transfer ownership or access to any company records to the employee’s department. This includes records stored on non-company devices. Have employee remove company data from personal file sharing services and non-company devices. Have employee sign an agreement acknowledging that their data has been removed from personal services and devices. 1 Presented by:
Actions to perform Done If No, explain Have employee sign a non-compete or other NDA agreements. Ask employee whether there is any sensitive data on devices or in accounts that must be protected. Securely wipe employee’s laptop or computer and retain custody of all equipment. Disable ActiveSync and Active Directory for the employee. 2 About Intermedia Intermedia’s Office in the Cloud offers email, phone service, file sync and share, single sign-on, archiving and more. They’re all fully integrated, secure and mobile. And they’re all managed through our central HostPilot control panel. Our services thwart the ex-employee menace by making it simple to revoke access to the entire cloud footprint with just one click. Learn more at Intermedia.net/RogueAccess. CALL US EMAIL US ON THE WEB 1.800.379.7729 sales@intermedia.net intermedia.net Intermedia’s cloud IT services prevent Rogue Access. Learn how.

Recomendados

En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataOnline Business
 
Mobile Device Policy Template
Mobile Device Policy Template Mobile Device Policy Template
Mobile Device Policy Template Demand Metric
 
Medical Data Encryption 101
Medical Data Encryption 101Medical Data Encryption 101
Medical Data Encryption 101SecurityMetrics
 
How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach SecurityMetrics
 
Running head hardware and software security14 hardware an
Running head hardware and software security14 hardware anRunning head hardware and software security14 hardware an
Running head hardware and software security14 hardware anAKHIL969626
 
Soonr IT Buyer's Guide
Soonr IT Buyer's GuideSoonr IT Buyer's Guide
Soonr IT Buyer's GuideReece Gaumont
 
The Workplace Engagement Economy Where HR, Social, Mobile, and Tech Collide
The Workplace Engagement Economy Where HR, Social, Mobile, and Tech CollideThe Workplace Engagement Economy Where HR, Social, Mobile, and Tech Collide
The Workplace Engagement Economy Where HR, Social, Mobile, and Tech CollideJessica Miller-Merrell
 
The HR Technology Selection Guide
The HR Technology Selection GuideThe HR Technology Selection Guide
The HR Technology Selection GuideJessica Miller-Merrell
 

Recomendados

En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataOnline Business
 
Mobile Device Policy Template
Mobile Device Policy Template Mobile Device Policy Template
Mobile Device Policy Template Demand Metric
 
Medical Data Encryption 101
Medical Data Encryption 101Medical Data Encryption 101
Medical Data Encryption 101SecurityMetrics
 
How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach SecurityMetrics
 
Running head hardware and software security14 hardware an
Running head hardware and software security14 hardware anRunning head hardware and software security14 hardware an
Running head hardware and software security14 hardware anAKHIL969626
 
Soonr IT Buyer's Guide
Soonr IT Buyer's GuideSoonr IT Buyer's Guide
Soonr IT Buyer's GuideReece Gaumont
 
The Workplace Engagement Economy Where HR, Social, Mobile, and Tech Collide
The Workplace Engagement Economy Where HR, Social, Mobile, and Tech CollideThe Workplace Engagement Economy Where HR, Social, Mobile, and Tech Collide
The Workplace Engagement Economy Where HR, Social, Mobile, and Tech CollideJessica Miller-Merrell
 
The HR Technology Selection Guide
The HR Technology Selection GuideThe HR Technology Selection Guide
The HR Technology Selection GuideJessica Miller-Merrell
 
VTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical ChallengesVTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical ChallengesPriya Diana Mercy
 
Peoplesoft Erp
Peoplesoft ErpPeoplesoft Erp
Peoplesoft ErpAppsian
 
Risk and compliance as a business strengh - Canon CEE
Risk and compliance as a business strengh - Canon CEERisk and compliance as a business strengh - Canon CEE
Risk and compliance as a business strengh - Canon CEECanon Business CEE
 
ThinkDox implementation whitepaper for ECM
ThinkDox implementation whitepaper for ECMThinkDox implementation whitepaper for ECM
ThinkDox implementation whitepaper for ECMChristopher Wynder
 
Streamlining paper processes in a digital world - Canon CEE
Streamlining paper processes in a digital world - Canon CEEStreamlining paper processes in a digital world - Canon CEE
Streamlining paper processes in a digital world - Canon CEECanon Business CEE
 
Company code of conduct (IT related)
Company code of conduct (IT related)Company code of conduct (IT related)
Company code of conduct (IT related)Wissam Abdel Baki
 
Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...
Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...
Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...Edward F. T. Charfauros
 
Safeguardsintheworkplace
SafeguardsintheworkplaceSafeguardsintheworkplace
SafeguardsintheworkplaceAdam Richards
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET Journal
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldIdentive
 
5 ways your business can stay safe - and take off
5 ways your business can stay safe - and take off5 ways your business can stay safe - and take off
5 ways your business can stay safe - and take offTom Mellish
 
Ecm implementation planning_workshop_hospital_sample
Ecm implementation planning_workshop_hospital_sampleEcm implementation planning_workshop_hospital_sample
Ecm implementation planning_workshop_hospital_sampleChristopher Wynder
 
Proxy
ProxyProxy
ProxyProxies Rent
 
Future of the Work
Future of the WorkFuture of the Work
Future of the WorkJeanChidobe
 
Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...
Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...
Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...David Sweigert
 
Still Careless Users In The Cloud - Research Study
Still Careless Users In The Cloud - Research StudyStill Careless Users In The Cloud - Research Study
Still Careless Users In The Cloud - Research StudySoftchoice Corporation
 
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure FaxingHIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure FaxingeFax Corporate®
 
New Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataNew Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataEMC
 
Internet Misuse inside the Company
Internet Misuse inside the CompanyInternet Misuse inside the Company
Internet Misuse inside the CompanyRoberto de Paula Lico Junior
 
Maa s360 10command_ebook-bangalore
Maa s360 10command_ebook-bangaloreMaa s360 10command_ebook-bangalore
Maa s360 10command_ebook-bangaloreIBM Software India
 
Maa s360 10command_ebook-bangalore[1]
Maa s360 10command_ebook-bangalore[1]Maa s360 10command_ebook-bangalore[1]
Maa s360 10command_ebook-bangalore[1]IBM Software India
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight BackMTG IT Professionals
 

Más contenido relacionado

La actualidad más candente

VTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical ChallengesVTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical ChallengesPriya Diana Mercy
 
Peoplesoft Erp
Peoplesoft ErpPeoplesoft Erp
Peoplesoft ErpAppsian
 
Risk and compliance as a business strengh - Canon CEE
Risk and compliance as a business strengh - Canon CEERisk and compliance as a business strengh - Canon CEE
Risk and compliance as a business strengh - Canon CEECanon Business CEE
 
ThinkDox implementation whitepaper for ECM
ThinkDox implementation whitepaper for ECMThinkDox implementation whitepaper for ECM
ThinkDox implementation whitepaper for ECMChristopher Wynder
 
Streamlining paper processes in a digital world - Canon CEE
Streamlining paper processes in a digital world - Canon CEEStreamlining paper processes in a digital world - Canon CEE
Streamlining paper processes in a digital world - Canon CEECanon Business CEE
 
Company code of conduct (IT related)
Company code of conduct (IT related)Company code of conduct (IT related)
Company code of conduct (IT related)Wissam Abdel Baki
 
Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...
Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...
Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...Edward F. T. Charfauros
 
Safeguardsintheworkplace
SafeguardsintheworkplaceSafeguardsintheworkplace
SafeguardsintheworkplaceAdam Richards
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET Journal
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldIdentive
 
5 ways your business can stay safe - and take off
5 ways your business can stay safe - and take off5 ways your business can stay safe - and take off
5 ways your business can stay safe - and take offTom Mellish
 
Ecm implementation planning_workshop_hospital_sample
Ecm implementation planning_workshop_hospital_sampleEcm implementation planning_workshop_hospital_sample
Ecm implementation planning_workshop_hospital_sampleChristopher Wynder
 
Future of the Work
Future of the WorkFuture of the Work
Future of the WorkJeanChidobe
 
Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...
Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...
Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...David Sweigert
 
Still Careless Users In The Cloud - Research Study
Still Careless Users In The Cloud - Research StudyStill Careless Users In The Cloud - Research Study
Still Careless Users In The Cloud - Research StudySoftchoice Corporation
 
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure FaxingHIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure FaxingeFax Corporate®
 
New Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataNew Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataEMC
 

La actualidad más candente (19)

VTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical ChallengesVTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical Challenges
 
Peoplesoft Erp
Peoplesoft ErpPeoplesoft Erp
Peoplesoft Erp
 
Risk and compliance as a business strengh - Canon CEE
Risk and compliance as a business strengh - Canon CEERisk and compliance as a business strengh - Canon CEE
Risk and compliance as a business strengh - Canon CEE
 
ThinkDox implementation whitepaper for ECM
ThinkDox implementation whitepaper for ECMThinkDox implementation whitepaper for ECM
ThinkDox implementation whitepaper for ECM
 
Streamlining paper processes in a digital world - Canon CEE
Streamlining paper processes in a digital world - Canon CEEStreamlining paper processes in a digital world - Canon CEE
Streamlining paper processes in a digital world - Canon CEE
 
Company code of conduct (IT related)
Company code of conduct (IT related)Company code of conduct (IT related)
Company code of conduct (IT related)
 
Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...
Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...
Edward; w5; employee privacy report; 08.16.11. Copyright 2013 Edward F. T. Ch...
 
Safeguardsintheworkplace
SafeguardsintheworkplaceSafeguardsintheworkplace
Safeguardsintheworkplace
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
 
5 ways your business can stay safe - and take off
5 ways your business can stay safe - and take off5 ways your business can stay safe - and take off
5 ways your business can stay safe - and take off
 
Ecm implementation planning_workshop_hospital_sample
Ecm implementation planning_workshop_hospital_sampleEcm implementation planning_workshop_hospital_sample
Ecm implementation planning_workshop_hospital_sample
 
Proxy
ProxyProxy
Proxy
 
Future of the Work
Future of the WorkFuture of the Work
Future of the Work
 
Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...
Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...
Understanding the Computer Abuse and Data Recovery Act, Fla.Stat. §668.801 (“...
 
Still Careless Users In The Cloud - Research Study
Still Careless Users In The Cloud - Research StudyStill Careless Users In The Cloud - Research Study
Still Careless Users In The Cloud - Research Study
 
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure FaxingHIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
HIPAA Compliance Healthcare Datasheet - eFax Corporate Secure Faxing
 
New Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataNew Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud Data
 
Internet Misuse inside the Company
Internet Misuse inside the CompanyInternet Misuse inside the Company
Internet Misuse inside the Company
 

Similar a Manage IT Access Best Practices

Maa s360 10command_ebook-bangalore
Maa s360 10command_ebook-bangaloreMaa s360 10command_ebook-bangalore
Maa s360 10command_ebook-bangaloreIBM Software India
 
Maa s360 10command_ebook-bangalore[1]
Maa s360 10command_ebook-bangalore[1]Maa s360 10command_ebook-bangalore[1]
Maa s360 10command_ebook-bangalore[1]IBM Software India
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight BackMTG IT Professionals
 
Mobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - AtidanMobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - AtidanDavid J Rosenthal
 
Ten Commandments of BYOD
Ten Commandments of BYODTen Commandments of BYOD
Ten Commandments of BYODK Singh
 
Security as a Service with Microsoft Presented by Razor Technology
Security as a Service with Microsoft Presented by Razor TechnologySecurity as a Service with Microsoft Presented by Razor Technology
Security as a Service with Microsoft Presented by Razor TechnologyDavid J Rosenthal
 
Sample Data Security PoliciesThis document provides three ex.docx
Sample Data Security PoliciesThis document provides three ex.docxSample Data Security PoliciesThis document provides three ex.docx
Sample Data Security PoliciesThis document provides three ex.docxrtodd599
 
Student NameCYB110Playbook Runbook Parts 1-3S.docx
Student NameCYB110Playbook Runbook Parts 1-3S.docxStudent NameCYB110Playbook Runbook Parts 1-3S.docx
Student NameCYB110Playbook Runbook Parts 1-3S.docxdeanmtaylor1545
 
User Provisioning, Comparison of Common Methodologies, Cloud Provisioning
User Provisioning, Comparison of Common Methodologies, Cloud ProvisioningUser Provisioning, Comparison of Common Methodologies, Cloud Provisioning
User Provisioning, Comparison of Common Methodologies, Cloud ProvisioningDave Wippich
 
FCC Guidelines on Cyber Security
FCC Guidelines on Cyber SecurityFCC Guidelines on Cyber Security
FCC Guidelines on Cyber SecurityMeg Weber
 
Get your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPRGet your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPRAbhishek Sood
 
5 Reasons Why Your Business Should Consider Strong Authentication!
5 Reasons Why Your Business Should Consider Strong Authentication!5 Reasons Why Your Business Should Consider Strong Authentication!
5 Reasons Why Your Business Should Consider Strong Authentication!Caroline Johnson
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practicesamiable_indian
 
Level 3 lsr tech solutions employee access iphone and ipad
Level 3 lsr tech solutions employee access iphone and ipadLevel 3 lsr tech solutions employee access iphone and ipad
Level 3 lsr tech solutions employee access iphone and ipadjoeblow1234
 
Symantec Mobility Suite -Workforce apps
Symantec Mobility Suite -Workforce apps Symantec Mobility Suite -Workforce apps
Symantec Mobility Suite -Workforce appsSymantec
 
Course Session Outline - Internal control in Information System
Course Session Outline - Internal control in Information SystemCourse Session Outline - Internal control in Information System
Course Session Outline - Internal control in Information SystemTheodore Le
 
IT Asset management presentation
IT Asset management presentationIT Asset management presentation
IT Asset management presentationAshita Mehra
 
Security Policy Checklist
Security Policy ChecklistSecurity Policy Checklist
Security Policy Checklistbackdoor
 

Similar a Manage IT Access Best Practices (20)

Maa s360 10command_ebook-bangalore
Maa s360 10command_ebook-bangaloreMaa s360 10command_ebook-bangalore
Maa s360 10command_ebook-bangalore
 
Maa s360 10command_ebook-bangalore[1]
Maa s360 10command_ebook-bangalore[1]Maa s360 10command_ebook-bangalore[1]
Maa s360 10command_ebook-bangalore[1]
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back
 
Mobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - AtidanMobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - Atidan
 
Ten Commandments of BYOD
Ten Commandments of BYODTen Commandments of BYOD
Ten Commandments of BYOD
 
Security as a Service with Microsoft Presented by Razor Technology
Security as a Service with Microsoft Presented by Razor TechnologySecurity as a Service with Microsoft Presented by Razor Technology
Security as a Service with Microsoft Presented by Razor Technology
 
Sample Data Security PoliciesThis document provides three ex.docx
Sample Data Security PoliciesThis document provides three ex.docxSample Data Security PoliciesThis document provides three ex.docx
Sample Data Security PoliciesThis document provides three ex.docx
 
Student NameCYB110Playbook Runbook Parts 1-3S.docx
Student NameCYB110Playbook Runbook Parts 1-3S.docxStudent NameCYB110Playbook Runbook Parts 1-3S.docx
Student NameCYB110Playbook Runbook Parts 1-3S.docx
 
User Provisioning, Comparison of Common Methodologies, Cloud Provisioning
User Provisioning, Comparison of Common Methodologies, Cloud ProvisioningUser Provisioning, Comparison of Common Methodologies, Cloud Provisioning
User Provisioning, Comparison of Common Methodologies, Cloud Provisioning
 
FCC Guidelines on Cyber Security
FCC Guidelines on Cyber SecurityFCC Guidelines on Cyber Security
FCC Guidelines on Cyber Security
 
SEC440: Incident Response Plan
SEC440: Incident Response PlanSEC440: Incident Response Plan
SEC440: Incident Response Plan
 
Get your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPRGet your Enterprise Ready for GDPR
Get your Enterprise Ready for GDPR
 
5 Reasons Why Your Business Should Consider Strong Authentication!
5 Reasons Why Your Business Should Consider Strong Authentication!5 Reasons Why Your Business Should Consider Strong Authentication!
5 Reasons Why Your Business Should Consider Strong Authentication!
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practices
 
Level 3 lsr tech solutions employee access iphone and ipad
Level 3 lsr tech solutions employee access iphone and ipadLevel 3 lsr tech solutions employee access iphone and ipad
Level 3 lsr tech solutions employee access iphone and ipad
 
Symantec Mobility Suite -Workforce apps
Symantec Mobility Suite -Workforce apps Symantec Mobility Suite -Workforce apps
Symantec Mobility Suite -Workforce apps
 
08 pdf show-239
08 pdf show-23908 pdf show-239
08 pdf show-239
 
Course Session Outline - Internal control in Information System
Course Session Outline - Internal control in Information SystemCourse Session Outline - Internal control in Information System
Course Session Outline - Internal control in Information System
 
IT Asset management presentation
IT Asset management presentationIT Asset management presentation
IT Asset management presentation
 
Security Policy Checklist
Security Policy ChecklistSecurity Policy Checklist
Security Policy Checklist
 

Más de Liberteks

Testing SAP Solutions for Dummies
Testing SAP Solutions for DummiesTesting SAP Solutions for Dummies
Testing SAP Solutions for DummiesLiberteks
 
System Engineering for Dummies
System Engineering for DummiesSystem Engineering for Dummies
System Engineering for DummiesLiberteks
 
Sales and use tax compliance for dummies
Sales and use tax compliance for dummiesSales and use tax compliance for dummies
Sales and use tax compliance for dummiesLiberteks
 
QuestionPro for dummies
QuestionPro for dummiesQuestionPro for dummies
QuestionPro for dummiesLiberteks
 
IT Policy Compliance for Dummies
IT Policy Compliance for DummiesIT Policy Compliance for Dummies
IT Policy Compliance for DummiesLiberteks
 
Point -of-Sale Security for Dummies
Point -of-Sale Security for DummiesPoint -of-Sale Security for Dummies
Point -of-Sale Security for DummiesLiberteks
 
Midmarket Collaboration for Dummies
Midmarket Collaboration for DummiesMidmarket Collaboration for Dummies
Midmarket Collaboration for DummiesLiberteks
 
Email Signatures for Dummies
Email Signatures for DummiesEmail Signatures for Dummies
Email Signatures for DummiesLiberteks
 
Custom Publishing for Dummies
Custom Publishing for DummiesCustom Publishing for Dummies
Custom Publishing for DummiesLiberteks
 
Cloud Service for Dummies
Cloud Service for DummiesCloud Service for Dummies
Cloud Service for DummiesLiberteks
 
B2B Online Display Advertising for Dummies
B2B Online Display Advertising for DummiesB2B Online Display Advertising for Dummies
B2B Online Display Advertising for DummiesLiberteks
 
APIs for dummies
APIs for dummiesAPIs for dummies
APIs for dummiesLiberteks
 
Website Threats for Dummies
Website Threats for DummiesWebsite Threats for Dummies
Website Threats for DummiesLiberteks
 
Software-Defined WAM for Dummies
Software-Defined WAM for DummiesSoftware-Defined WAM for Dummies
Software-Defined WAM for DummiesLiberteks
 
Vulnerability Management for Dummies
Vulnerability Management for DummiesVulnerability Management for Dummies
Vulnerability Management for DummiesLiberteks
 
Integrated Marketing For Dummies
Integrated Marketing For DummiesIntegrated Marketing For Dummies
Integrated Marketing For DummiesLiberteks
 
Hyper-Converged Appliances for Dummies
Hyper-Converged Appliances for DummiesHyper-Converged Appliances for Dummies
Hyper-Converged Appliances for DummiesLiberteks
 
Flash Array Deployment for Dummies
Flash Array Deployment for DummiesFlash Array Deployment for Dummies
Flash Array Deployment for DummiesLiberteks
 
Container Storage for Dummies
Container Storage for DummiesContainer Storage for Dummies
Container Storage for DummiesLiberteks
 
Cloud Security for Dumies
Cloud Security for DumiesCloud Security for Dumies
Cloud Security for DumiesLiberteks
 

Más de Liberteks (20)

Testing SAP Solutions for Dummies
Testing SAP Solutions for DummiesTesting SAP Solutions for Dummies
Testing SAP Solutions for Dummies
 
System Engineering for Dummies
System Engineering for DummiesSystem Engineering for Dummies
System Engineering for Dummies
 
Sales and use tax compliance for dummies
Sales and use tax compliance for dummiesSales and use tax compliance for dummies
Sales and use tax compliance for dummies
 
QuestionPro for dummies
QuestionPro for dummiesQuestionPro for dummies
QuestionPro for dummies
 
IT Policy Compliance for Dummies
IT Policy Compliance for DummiesIT Policy Compliance for Dummies
IT Policy Compliance for Dummies
 
Point -of-Sale Security for Dummies
Point -of-Sale Security for DummiesPoint -of-Sale Security for Dummies
Point -of-Sale Security for Dummies
 
Midmarket Collaboration for Dummies
Midmarket Collaboration for DummiesMidmarket Collaboration for Dummies
Midmarket Collaboration for Dummies
 
Email Signatures for Dummies
Email Signatures for DummiesEmail Signatures for Dummies
Email Signatures for Dummies
 
Custom Publishing for Dummies
Custom Publishing for DummiesCustom Publishing for Dummies
Custom Publishing for Dummies
 
Cloud Service for Dummies
Cloud Service for DummiesCloud Service for Dummies
Cloud Service for Dummies
 
B2B Online Display Advertising for Dummies
B2B Online Display Advertising for DummiesB2B Online Display Advertising for Dummies
B2B Online Display Advertising for Dummies
 
APIs for dummies
APIs for dummiesAPIs for dummies
APIs for dummies
 
Website Threats for Dummies
Website Threats for DummiesWebsite Threats for Dummies
Website Threats for Dummies
 
Software-Defined WAM for Dummies
Software-Defined WAM for DummiesSoftware-Defined WAM for Dummies
Software-Defined WAM for Dummies
 
Vulnerability Management for Dummies
Vulnerability Management for DummiesVulnerability Management for Dummies
Vulnerability Management for Dummies
 
Integrated Marketing For Dummies
Integrated Marketing For DummiesIntegrated Marketing For Dummies
Integrated Marketing For Dummies
 
Hyper-Converged Appliances for Dummies
Hyper-Converged Appliances for DummiesHyper-Converged Appliances for Dummies
Hyper-Converged Appliances for Dummies
 
Flash Array Deployment for Dummies
Flash Array Deployment for DummiesFlash Array Deployment for Dummies
Flash Array Deployment for Dummies
 
Container Storage for Dummies
Container Storage for DummiesContainer Storage for Dummies
Container Storage for Dummies
 
Cloud Security for Dumies
Cloud Security for DumiesCloud Security for Dumies
Cloud Security for Dumies
 

Último

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 

Último (20)

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

Manage IT Access Best Practices

  • 1. Preventing Rogue Access Processes for managing IT access Best practices for onboarding new employees An exhaustive onboarding checklist Plus: Advice for regulated companies Intermedia and Osterman Research recently surveyed knowledge workers about their access to former employers’ IT systems. An incredible 89% of respondents retained access to at least one system—such as Salesforce, PayPal, email, SharePoint and other sensitive corporate apps. One of Osterman Research’s key recommendations for preventing this kind of access is to implement best practices for managing employee access to IT services as well as a rigorous IT offboarding process for departing employees. This document presents a template for bringing these practices to your company. It includes guidelines for setting up internal processes as well as specific actions to take when onboarding and offboarding employees. In addition, it includes recommendations specific to regulated industries such as financial services, legal services and healthcare. Find more tips for preventing Rogue Access—plus a white paper by Osterman Research—at Intermedia.net/RogueAccess Learn how Intermedia’s email, phone, file storage and single sign-on services dramatically reduce the risks of rogue access. Call (800) 379.7729 or email sales@intermedia.net. How to manage user access to IT services during employment—and after employment ends. 1 presented by
  • 2. Best practices for tracking access to IT systems The first step to preventing unauthorized access by current and former employees is to develop a complete understanding of your IT landscape and the access privileges within it. IT systems access recommendations 1. Establish a security and compliance group within the company This group should monitor two key areas: 1) who has access to which IT services and 2) how information is being accessed and shared. You should build this group’s role into broader IT policies so that alerts can go out when a policy has been violated. This group should provide compliance and security training to employees on a quarterly/yearly basis. 2. Put in place a clear set of company IT policies. This includes policies on app usage, a list of approved sites and services and a list of approved software and apps that employees can use. Also, require that employees use company-provided logins for these apps instead of personal logins. 3. Provide role-based access to applications. Create a stringent approval process for all services, apps, and equipment that employees need. Employ two levels of approval for each request: approval from the employee’s direct manager, as well as a VP or account owner. Keep records in a centralized database, so you have a clear “paper trail” of all services and equipment given to each employee. 4. Create a central repository for admin logins and passwords. Don’t give users admin rights to their laptops. Instead, require employees to log tickets with IT to get access to download new software. 5. Eliminate shared logins/accounts. Assign accounts to one person whenever possible. If you have to use a shared account for budgetary reasons, make sure you rotate out the password on a monthly basis and employ strong password policies. 6. Conduct regular audits. Audit all your user accounts (LDAP, Active Directory, all apps) regularly. Have a single place for running audit reports and searching for users. Make sure you track all the apps being used—regardless of department— so you know who’s paying for them, who “owns” them, and what access and control IT has. Employee onboarding recommendations 1. Set up your accounts in Active Directory, and make sure all cloud apps are SAML authenticated. This gives you one central location to manage employee accounts. It also makes it faster and easier to provision and de-provision employees. 2. Use unique identifiers when creating new employee accounts. In the system in which you’re creating the account, fill an unused attribute field with the employee’s unique HR-assigned ID number. This way, if a user has different name listings (e.g. J. Smith, Joe S., etc.), it’s easier to find all the apps with which they are associated. 3. Maintain a distribution list to announce new hires. A distribution lists ensures that all key departments (Finance, HR, Facilities, etc.) are notified without fail when someone new is coming onboard. 4. Run a system audit when employees change departments. Make sure you de-provision access to anything the employee no longer needs in their new role. That way, employees always have access to only those systems and applications that they really need to do their jobs. Employee offboarding recommendations 1. Adhere to a strict employee offboarding checklist. A sample checklist is included in this document. 2. Maintain distribution list for terminations. Similar to your new hire distribution list, create a list that informs key departments (Finance, HR, Facilities, Legal, etc.) when an employee is leaving. 3. Direct the email account of a departing employee to his/her manager. Reroute the departing employee’s email account to their manager for the first 2-3 months so that important messages are retained and handled. 2
  • 3. 4. Terminate all employee accounts. It is critical to terminate every employee account to every service, both on-premises and in the cloud. If the employee is the primary contact for an online account or project, make sure that contact gets re-assigned. 5. Review the apps saved in your employee’s single sign- on portal. This is an excellent method for discovering apps that an employee may have provisioned or used without IT’s knowledge. (These “unknown” apps are the most likely to create the risk of post-employment access.) 6. Make sure to collect all company assets: laptops, phones, ID badges, software, etc. Also make sure you collect any external hard drives or company-owned equipment an employee may have used as part of a home office. Recommendations for regulated companies If you’re in a regulated industry such as finance or healthcare, you must put extra measures in place to ensure compliance with governmental regulations. Here’s a list of suggestions that regulated companies can implement to better control access to corporate accounts and data. 1. Eliminate access to outside email/internet. 2. Restrict access to certain sites/apps (e.g. Facebook) to read-only. 3. Only allow access to company-approved sites. 4. Require employees to use desktop machines or dummy terminals. 5. Don’t allow employees to take laptops or work computers home. 6. Remove the ability for employees to utilize USB or external hard drives to save data from their computer. 7. Implement an approval process for all outbound email. This may include requiring approval by a manager before email goes out. 8. Only allow work email and information to be accessed on company-issued mobile devices. About Intermedia Intermedia’s Office in the Cloud offers email, phone service, file sync and share, single sign-on, archiving and more. They’re all fully integrated, secure and mobile. And they’re all managed through our central HostPilot control panel. Our services thwart the ex-employee menace by making it simple to revoke access to the entire cloud footprint with just one click. Learn more at Intermedia.net/RogueAccess. CALL US EMAIL US ON THE WEB 1.800.379.7729 sales@intermedia.net intermedia.net Intermedia’s cloud IT services prevent Rogue Access. Learn how. 3
  • 4. Employee Offboarding Checklist Employee name: Supervisor name: Department: Separation date: Item(s) to collect Done If No, explain Computer, laptop and any other company equipment Logins for all corporate and department apps All digital certificates, key files, and passwords, including any client certificates that may be used for identity verification and/or “signing” purposes Keys to any company building or equipment (file cabinets, company car, machinery, etc.) ID badge VPN key fob or card Actions to perform Done If No, explain Instruct employee to remove personal data from company devices and accounts within a clear timeframe. Inform employee that devices, files, accounts, etc. revert to the company after they leave. Transfer ownership or access to any company records to the employee’s department. This includes records stored on non-company devices. Have employee remove company data from personal file sharing services and non-company devices. Have employee sign an agreement acknowledging that their data has been removed from personal services and devices. 1 Presented by:
  • 5. Actions to perform Done If No, explain Have employee sign a non-compete or other NDA agreements. Ask employee whether there is any sensitive data on devices or in accounts that must be protected. Securely wipe employee’s laptop or computer and retain custody of all equipment. Disable ActiveSync and Active Directory for the employee. 2 About Intermedia Intermedia’s Office in the Cloud offers email, phone service, file sync and share, single sign-on, archiving and more. They’re all fully integrated, secure and mobile. And they’re all managed through our central HostPilot control panel. Our services thwart the ex-employee menace by making it simple to revoke access to the entire cloud footprint with just one click. Learn more at Intermedia.net/RogueAccess. CALL US EMAIL US ON THE WEB 1.800.379.7729 sales@intermedia.net intermedia.net Intermedia’s cloud IT services prevent Rogue Access. Learn how.