SlideShare a Scribd company logo

BetterCloud Whitepaper: Offboarding Inefficiencies and Security Threats

BetterCloud
BetterCloud

With the increase of SaaS apps in the workplace, it can take hours to just offboard one employee. Its time to tackle this issue, and offboard fast, and securely.

Technology
1 of 16
Download to read offline
W H I T E P A P E R Identifying and Eliminating Employee Offboarding Inefficiencies and Security Threats
info@bettercloud.com | (888) 999-0805 2 Table of Contents Offboarding as an Organizational Issue ................................................... 3 3 Reasons Modern Day Offboarding is Getting More Complex ............................................................................. 4 The Top 4 Threats Posed by Improper Offboarding (and How to Address Each) ......................................................................... 6 5 Key Benefits of Orchestrated Offboarding ......................................... 10 Case Study: SaaS Offboarding Orchestration in the World of High-Tech Venture Capital ............................................. 12
info@bettercloud.com | (888) 999-0805 3 Offboarding as an Organizational Issue First of all, we want to offer our apologies for any inconvenience. Unfortunately, an ex-administrator has deleted all customer data and wiped most servers. Because of this, we took the necessary steps to temporarily take our network offline.” Message posted on verelox.com after an improper offboarding incident. “ As of this writing, Verelox, a virtual and dedicated server provider, has yet to relaunch its site after an ex-employee was improperly offboarded. That’s 30+ days with no website, likely leading to severe losses of both customers and revenue. It’s time for everyone, from investors to IT, to own up to a harsh truth. Neglect is no longer an option. Verelox is a victim of a phenomenon that shows zero mercy, turning successful companies into skeletal ruins (see also: RealityCheckNetwork). How is it possible that this little talked about topic that is a vital operating aspect of every organization is often masquerading as a checklist chore for a newly hired IT admin? Every department and every employee has (or will one day soon) be affected by offboarding. But a closer examination shows that offboarding departing employees has become extremely complicated in today’s modern workplaces. Data lives in multiple siloed applications, some sanctioned by IT and some not, and often there is no way for IT to take action quickly enough (if at all) to prevent potential catastrophes like those above during offboarding. Executives should care because offboarding affects the bottom line, under the guise of data breaches, failed compliance, hindered productivity, data loss, and even loss of revenue. Every employee should care because improper offboarding can cost them their jobs, lead to identity theft, litigation, and lifelong negative career impacts. It’s time to know the threats off offboarding and start working toward a solution.
info@bettercloud.com | (888) 999-0805 4 3 Reasons Modern Day Offboarding is Getting More Complex The Gig Economy The employee that sticks around for 10-plus years is a rare one indeed. It’s common now to change jobs after couple of years. In fact, the Bureau of Labor Statistics confirms that as of 2016, the average employee changes jobs every 4.2 years, down 9% from just two years prior. This number is only going to decrease in the future. This type of turnover is nothing new. But the technology involved is. SaaS has altered the playing field, and as a result, most companies approach to offboarding is ad hoc. Despite the frequency, inevitability, and potential to cause chaos, offboarding is nothing more than a PDF checklist. What’s more, with the rise of freelancers, contractors, and consultants, “turnover” is more prevalent than ever. So much so that the trend has been dubbed the “gig” economy. Already, freelancers make up 35% of the U.S. workforce. By 2020 (less than three years away), experts believe this number could rise to nearly 50%. What happens when companies are working with too many freelancers, granting access to data and applications, but failing to revoke it? SaaS technology continues to make it easier than ever to collaborate. New apps like Google Drive, Dropbox, and Slack encourage sharing and make collaboration simple. While this drives productivity, it also allows data to flow freely (sometimes outside your organization) and makes that data difficult to track down and control. This new style of workforce and the tendency to change jobs every few years is a growing concern, adding complexity to an already challenging task. 1 2Sheer Volume of Applications Creates Additional Risk According to an Intermedia and Osterman Research report, 89% of ex-employees retain access to email accounts, Salesforce, SharePoint, and other sensitive corporate applications, including some applications not often considered sensitive but that have the potential to damage a company’s brand (Facebook) or bank account (PayPal). And 49% actually log into an account after leaving the company. What does this mean for organizations? • Without a policy in place to prevent it, ex-employees can usually access applications and company data. • Odds are high (over 50%) that if they can access it, they will. • Even the most well-intentioned people will try to leave with company data, whether it’s on purpose or not. Preventing access to approved applications is one thing, but imagine offboarding an influential employee who worked extensively with applications IT didn’t know existed? How would a company get that information back? They can ask nicely, but that’s about the extent of their power. Whether it’s frowned upon, or even forbidden, employees will rarely place security above productivity. That’s why security controls are necessary. Exiting employees should never take data or application access with them when
info@bettercloud.com | (888) 999-0805 5 3 they leave. This exposure not only makes companies vulnerable to data breaches, but it also opens the door for compliance issues, productivity loss, and potentially even lost revenue or destruction of shareholder value. Data Sprawl Across Applications Creates Complexity Today, data is created at an unprecedented rate. It’s common for employees to send and receive more close to 3,000 emails a month. Executives might receive more than 10,000. Within days of being hired, an employee will likely have access to thousands of company documents. They’ll gain access to applications, forward emails or share documents with personal accounts, and handle sensitive data on personal devices using unsecured Wi-Fi networks. For years, executives (and productivity application vendors) have focused on driving productivity through increased collaboration. But the result, when not executed with the full oversight of IT, is high productivity coupled with significant security exposures. In other words, almost zero control for IT. It’s a multi-SaaS maelstrom, and it makes processes like employee offboarding extremely difficult to plan for, let alone execute, properly.
info@bettercloud.com | (888) 999-0805 6 The Top 4 Threats Posed by Improper Offboarding (and How to Address Each) Offboarding begins long before an employee’s last day. Or at least it should. However, the vast majority of companies think about offboarding when it becomes a problem, not before. But what happens if neglect becomes the only strategy? The results are potentially devastating. A simple offboarding error can cost an entire IT team their jobs, not to mention C-level executives. Knowing the risks and taking preventative and proactive actions to protect data won’t go unnoticed, especially if the complexity and value of those measures are articulated. Offboarding is a dirty job, but somebody has to do it. And that somebody needs to do it right. Exiting Employee Steals or Inappropriately Accesses Company Data with Malicious Intent A data breach is likely the first thought that occurs when discussing offboarding risks. Afterall, a departing employee is likely to leave a company on less than amicable terms. This is called an insider threat, and it’s one of the most common causes of data breaches. For companies that want to avoid this threat, there are many preventative measures that can be taken, many of which take place prior to “offboarding” even officially begins. Here are a few common preventative practices: Step 1 - Prevent email forwarding and sharing files to personal accounts. Offboarding should start begins before it really ever begins. For most employees, it’s not a big deal to take valuable information with them when they switch jobs. Sometimes it’s harmless. Employees simply forwarding personal notes or other miscellaneous emails. But other times, intellectual property is stolen. Even customer and employee personally identifiable information (PII) can slip through the cracks. Compliance can become a major concern. Policies can (and in many cases should) be in place to prevent this type of behavior. Step 2 - Reset shared passwords. At most companies, and in most departments, there are common passwords that are used for shared accounts. These are spread via word of mouth or made accessible in password managers. They are often simple to remember. When an employee exits, they don’t suddenly forget these commonly known passwords. IT should take it on themselves to reset these passwords during offboarding. A password manager like LastPass can make this process easier to execute, as well as add an extra layer of security by enforcing very complex passwords because no one needs to remember them in the first place. Step 3 - Revoke access to all applications. It should take just seconds, not minutes, hours, or days for IT to revoke access to applications as soon as an employee exits. Failure to do so is a severe concern. An ex-employee with bad intentions can wreak havoc on purpose. An ex-employee with good intentions can wreak havoc by accident. Either way, revoking access to all applications should be done in a timely (i.e. immediate) fashion. Be sure to examine which applications may retain authentication through OAuth tokens even after a user’s 1
info@bettercloud.com | (888) 999-0805 7 password is changed on the account. There are countless examples (here’s one) of users staying signed in to applications via OAuth even after their password has been changed. Step 4 - Collect and/or wipe data from devices. Much like revoking access to applications, immediately when an employee walks out the door, company data should be removed from mobile devices, whether they are owned by the company or the ex-employee. Without doing so, a company is vulnerable. There are a variety of mobile device management solutions on the market to help enforce a policy here, although stock solutions like G Suite’s device management controls are often enough these days, if your company is not dealing with much sensitive information in offline files. However, you still need to automate the execution of these steps in order to protect against exposure. Compliance Violations or Breaches of Confidentiality Due to Administrative Errors There are a number of industry regulations and compliance standards that apply to offboarding, not to mention the fact that offboarding almost universally deals with information that’s confidential to the organization or even to the individual. And IT is responsible for making all of this work. To reduce the risk of administrative errors, compliance violations, and breaches of confidentiality during the offboarding process, companies must use technology that enables them to: Step 1 - Employ a granular least privilege model (even outside of IT). When it comes to compliance, IT should consider a least privilege approach, meaning anyone in the organization only has the access necessary to do their jobs and nothing more. If an IT team member or other functional role involved in offboarding (such as HR) does not need access to the contents of a user’s files, or to certain sets of sensitive information, then don’t give them the opportunity to cause harm (intentionally or by accident) by providing access to this information simply because they are involved in offboarding. Stick to least privilege vigorously. This approach will help companies avoid potential privacy and confidentiality violations, as well as eliminate many compliance concerns. Step 2 - Prevent unnecessary exposure of sensitive information. Sensitive information like social security numbers and banking details are all involved in the offboarding process. To prevent unnecessary distribution, regular expression DLP policies can help ensure sensitive information isn’t accidentally shared with co-workers (and even external parties). Situations like these are not only likely compliance violations, but also lawsuits waiting to happen. Step 3 - Ensure your systems leave detailed audit logs. If a company is about to undergo a security audit or is renewing or seeking a security certification or attestation, offboarding process execution may be scrutinized. Auditors may ask for companies to provide detailed records of the offboarding procedures. These logs should contain what actions were taken, who took them, and when they were taken. Detailed audit logs make this audit process easy, and any lack of detail is nearly impossible to remediate. Step 4 - Retain data and create reliable backups. In many legal cases and with many service level agreements (SLAs), companies are 2
info@bettercloud.com | (888) 999-0805 8 required to retain data for many years (some companies retain it indefinitely). Accidental deletion of accounts or improper back ups will lead to data loss and potential legal issues. This isn’t anything any admin or company wants to experience. Many services are purpose-built to prevent this from happening. Step 5 - Wipe only corporate data off of employee-owned devices. Mobile device management (MDM), gives IT the power to remotely wipe devices. Mistakenly, devices can be wiped of all data, both personal and corporate. This creates a serious legal situation if the proper agreements have not been signed. There are horror stories of IT admins wiping devices that contain nearly finished novels or photos of newborns. Obviously, blame is shared in these scenarios, but in the end, it’s IT that faces the most scrutiny and the company that pays up. Unnecessarily High Expenses Due to Unused Licenses and Unknown Recurring Payments Odds are you are paying for licenses and possibly even applications that aren’t being used. Whether due to fear of data loss or lack of time, many companies are stuck in an expensive limbo when it comes to SaaS license spend. IT can put policies in place to prevent this. Whether it’s idle licenses, unused storage, or devices collecting dust, many of these expenses are the result of incomplete offboarding processes. Since offboarding is often a multi- phase process, the final steps can fall through the cracks. Step 1 - Set a threshold on suspended licenses. Depending on the application, companies may be billed for licenses sitting in a suspended state. A single SaaS application license may cost a company around $50 a year — not a big deal. But many companies never clean up suspended licenses and are simply throwing away thousands of dollars a month. Companies should keep tabs on licenses assigned to former employees. One quick way to do this is set a threshold on the number of suspended licenses you’re willing to permit in each given SaaS application (based on how they bill for these licenses). Step 2 - Prohibit employees from using company cards for unapproved applications. This is a surprisingly common cost that flies under the radar. It’s common across many departments and there is really no easy answer. A solid solution: Sit with the Finance team and review every SaaS license paid for through a company credit card. Then, make a decision on whether or not IT should bring unapproved apps under their control or stop paying for them. If a user goes around IT and is expensing SaaS apps on their own card, a simple solution to curb this behavior is to warn employees that SaaS apps on personal cards will no longer be reimbursed. Step 3 - Free up and reassign suspended licenses. In most SaaS applications, when you fully delete a user you are left with a license that can be assigned to another employee, and you may or may not be paying for that license while it’s not assigned. Be sure to use these licenses first when onboarding new employees. And some SaaS applications, like G Suite, even offer special license types for former employees. In G Suite these are called Vault Former Employee licenses (note: this particular license type is only available to former Postini customers), and reduce license costs while retaining user data. 3
info@bettercloud.com | (888) 999-0805 9 Productivity LossCausedby Miscommunication and Lack of Documentation When change occurs, business activities are interrupted and productivity stalls. But the impact of change caused by offboarding can be lessened. Step 1 - Document important processes. While this might not fall under “data loss” or “offboarding” in the traditional sense, it is a potential threat that must be considered. Companies should seek to change the way employees operate and encourage constant documentation. This is a top-down issue that executives (as well as IT leaders) should push for. Step 2 - Avoid ad hoc scripts and undocumented automations. If the employee is in IT and relies heavily on custom-built scripts to automate certain tasks, those scripts will inevitably break and require maintenance. Companies should bring own their automations, meaning the ability to execute, alter, and update them should pass seamlessly from one employee to the next. If not, the employee can leave a company in a difficult position should they leave. Step 3 - Ensure successful file ownership transfers. File ownership is tricky when it comes to SaaS applications like Google Drive, Dropbox, and others. If important documents are transferred to the wrong person, it creates a huge headache for IT and everyone who needs to access those files. Step 4 - Handle email with care. One of the most common points of failure during offboarding is email. Should the ex- employee’s entire email be accessible by the employee’s manager? Or should all future emails be forwarded to a certain person? What exactly should the autoresponder say? How long should an autoresponder remain active? These questions vary greatly from employee to employee. The answer is likely a decision that can only be made through open communication. Step 5 - Manage calendars and resources. When an employee exits, it’s especially difficult to handle anything related to calendars and resources. While it might seem small, a booked resource that goes unused is a wasted expense and could have been used in a more productive way. On top of that, if a user is deleted, any recurring meetings or secondary calendars that user owns will be deleted as well. Step 6 - Build orchestrated offboarding processes. Too much time is wasted in IT doing manual, repetitive tasks. If offboarding is done manually and correctly, it will likely take a significant amount of time. Admins will have to go into each application’s admin console and deprovision a user. Automating tasks is helpful, but when they’re compiled together, something much more powerful is created. 4
info@bettercloud.com | (888) 999-0805 10 5 Key Benefits of Orchestrated Offboarding There’s a misconception that deprovisioning and offboarding are the same. However, deprovisioning is just one small aspect of the greater offboarding process, which is much more complex than simply cutting off access to an application. (For example, think about document transfers, device wipes, autoresponders, inbox delegation, etc..) Based on customer research, the offboarding process for a single G Suite user consists of 28 manual steps, on average. This manual workload is exactly why companies can no longer ignore the increasing complexity and growing number of threats associated with offboarding. As more applications are adopted, a more strategic approach is necessary. Fortunately, platforms built for multi-SaaS environments exist to help companies manage SaaS applications and simplify offboarding through orchestration. But outside of IT, many employees don’t understand the ROI of orchestration. This list will help you explain the benefits to anyone. Reduces Human Error and Improves Offboarding Precision Orchestration and automation remove the human element from offboarding process execution, greatly reducing the probability of error. Additionally, offboarding procedures will routinely change. The more manual the process, the more room there is for mistakes. Well- polished orchestrated offboarding operates with precision. What needs to be done gets done. Every time, exactly when expected, without fail. No matter what. 1 Provides Clean Audit Logs for Compliance and Internal Review Audits aren’t fun for anyone. Companies fail audits because of improper offboarding, whether that’s caused by a lack of documentation or poor execution. A solution that enables orchestration, offers a user interface, and ensure every change and action is recorded makes passing an audit much simpler. It’s a huge time saver because companies don’t have to dig into the admin consoles of a bunch of apps to duct tape audit logs together. Orchestration also makes it easier to spot an error should it occur. It’s like finding a broken link in a chain instead of a needle in a haystack. Enables Iterative, Scalable Customization that Evolves as Companies Change Offboarding best practices from four years ago look totally different than today’s best practices. Technology has forced companies to adapt. Orchestration enables IT to keep up with the pace of change by allowing for iterative change instead of just adding another step to an already time-consuming process. Orchestrated offboarding is about tweaks, as opposed to overhauls. A new step is just another automated action. It’s simply an iteration of an existing workflow. 2 3
info@bettercloud.com | (888) 999-0805 11 Carries Out Many Vital Offboarding Steps in Seconds Many companies do offboarding 100% right, however, it takes too long. With orchestrated offboarding, companies can perform a flurry of tasks almost instantly. Not only does this free up valuable time, but it also reduces risks by performing important security-related tasks automatically and in quick succession. After all, every minute an exiting employee can still access company data is another minute a company is at risk of a data or compliance breach. 4 5Offers Simplicity and Control Over Offboarding Processes Offboarding isn’t simple. If it were, people wouldn’t shy away from it so much. With more automation, and fewer dashboards involved, offboarding becomes less taxing from a documentation and training perspective. If a member of a team leaves, a new person should be able to pick things up immediately. If not, a company is probably dependent on the capabilities of a single employee. It must be simpler. Orchestration is the answer.
info@bettercloud.com | (888) 999-0805 12 Case Study: SaaS Offboarding Orchestration in the World of High-Tech Venture Capital The Necessity of Precise and Immediate Offboarding “Thirty seconds.” That’s how much time Ryan Donnon needs before he can confidently look an investor in the eye and say: “We’re good. Everything sensitive is protected.” That’s effective offboarding. Donnon works as the IT and data manager at First Round Capital, a top-tier early-stage venture capital firm with over $700mm in capital under management, and 6 IPOs and 92 acquisitions under its belt. Due to the nature of the business, employees handle sensitive financials and proprietary information on a daily basis and thus Ryan understands the importance of offboarding. Data simply cannot be publicly exposed. Mistakes and delays aren’t an option. “If there’s ever a fire drill and someone needs to be offboarded immediately, I can’t say to a partner or a supervisor, ‘It’ll be two hours until their access is revoked.’” As a result, Donnon has created a fully orchestrated offboarding process, which helps him ensure precision, immediacy, and reliability. As soon as an employee exits the building, Donnon’s offboarding process, which takes only a “couple of clicks” to complete, revokes access to SaaS applications like Salesforce, Slack, and G Suite. Ryan Donnon
info@bettercloud.com | (888) 999-0805 13 Eliminating Exposure with Offboarding Orchestration Like many IT professionals, Donnon agrees that the shift to SaaS has produced new opportunities and challenges. The challenges are particularly noticeable with offboarding, he says. “SaaS creates a lot of exposure for me when employees leave the company.” Using BetterCloud, Donnon eliminates this exposure in seconds. When an employee exits, Donnon “fires off a BetterCloud workflow,” which does a “bunch of things” he used to have to remember to do manually. “The workflow immediately removes them from all groups, deactivates two-factor authentication, resets their password, and revokes authentication tokens for all of the applications that the employee has connected to their account. And most recently, I’ve updated the workflow to actually deactivate their Salesforce account as well,” he says. While most of these steps are relatively simple tasks, each must be performed immediately when an employee is offboarded, making the workflow orchestration a critical value-add. “I think offboarding, as opposed to onboarding, is where I have the most exposure. If I mess up, forget a step and an ex-employee still has access to company data, that’s where I could hurt my reputation the most.” Next, because First Round Capital uses SAML for most applications other than G Suite, he “kills the ex-employee’s Okta account,” which “pretty much cuts off access to everything else.” Donnon views BetterCloud and Okta as entirely different, but complementary solutions. “Even if you use some deprovisioning stuff in Okta, it still can’t do everything that you need to do that I feel like BetterCloud really makes easier.” Most of the typically manual work associated with offboarding is automated through these processes. Donnon says that after seeing this orchestration in action, it’s hard not to say: “Wow. IT’s really got it together.” Ryan’s offboarding workflow in BetterCloud
info@bettercloud.com | (888) 999-0805 14 Handling the Dynamic Variables Offboarding isn’t all about cutting off access. Of course, companies want to take care of physical access and assets, too. Turning off keycard access and collecting company devices are necessary steps that Donnon takes. But on top of that, exiting employees often possess information others may need. Donnon uses a checklist to help establish a timeline and manage the variables. “Everyone is going to be different,” he says. Offboarding a partner, for example, is going to be a much more complex scenario than an employee who was in and out in less than six months. How to handle email is one aspect of offboarding that varies more than any other. Leading up to the employee’s last day, communication, establishing personal relationships, and doing the upfront “legwork” are all key, says Donnon. “You don’t want to be reaching out to people [to get information you need to fully offboard them] for the first few months after somebody exits.” Ryan’s offboarding checklist
info@bettercloud.com | (888) 999-0805 15 The Final Steps For the first two weeks after an employee leaves, the account is limbo, says Donnon. (G Suite cannot serve up an auto-reply if an employee is suspended or deleted.) “I use the BetterCloud interface to set the auto-reply.” At the end of the two weeks, Donnon goes into BetterCloud again. He takes care of what many forget: recurring calendar events, which often may be consuming shared resources like conference rooms. “If an ex-employee is the owner of any recurring events, I need to work with either their manager or the person that replaced them to figure out who I should transfer those events to.” If not, this can be an especially excruciating task to perform after the fact. “Google does not have a great way to transfer recurring events from a deleted user,” says Donnon. Next, Donnon backs up the account, transfers all of their shared Google Docs (typically to their manager), and then, unlike many G Suite admins, will actually delete their email account. (Many companies choose to suspend accounts for various reasons, but deleting a user will reduce costs, since Google does charge for suspended users.) With a standard two weeks’ notice, the entire offboarding process happens over the course of a month. Donnon takes care of his part in a matter of minutes.
A B O U T B E T T E R C L O U D BetterCloud is the first Multi-SaaS Management Platform, enabling IT to centralize, orchestrate, and operationalize day-to-day administration and control across SaaS applications. Every day, thousands of customers rely on BetterCloud to centralize data and controls, surface operational intelligence, orchestrate complex actions, and delegate custom administrator privileges across SaaS applications. BetterCloud is headquartered in New York City with engineering offices in Atlanta, GA. For more information, please visit www.bettercloud.com. Demo BetterCloud today. info@bettercloud.com | (888) 999-0805

Recommended

White Paper - Killing the Shadow Systems
White Paper - Killing the Shadow SystemsWhite Paper - Killing the Shadow Systems
White Paper - Killing the Shadow SystemsNewton Day Uploads
 
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...GFI Software
 
Hybrid Technology
Hybrid TechnologyHybrid Technology
Hybrid TechnologyGFI Software
 
eBook: State of Data Backup for SMBs
eBook: State of Data Backup for SMBseBook: State of Data Backup for SMBs
eBook: State of Data Backup for SMBsCarbonite
 
Security Threats for SMBs
Security Threats for SMBsSecurity Threats for SMBs
Security Threats for SMBsGFI Software
 
2014 State of Backup for SMBs
2014 State of Backup for SMBs2014 State of Backup for SMBs
2014 State of Backup for SMBsCarbonite
 
Three tools to reduce employee apathy
Three tools to reduce employee apathyThree tools to reduce employee apathy
Three tools to reduce employee apathyStephen P. Abbey
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareGFI Software
 

Recommended

White Paper - Killing the Shadow Systems
White Paper - Killing the Shadow SystemsWhite Paper - Killing the Shadow Systems
White Paper - Killing the Shadow SystemsNewton Day Uploads
 
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...GFI Software
 
Hybrid Technology
Hybrid TechnologyHybrid Technology
Hybrid TechnologyGFI Software
 
eBook: State of Data Backup for SMBs
eBook: State of Data Backup for SMBseBook: State of Data Backup for SMBs
eBook: State of Data Backup for SMBsCarbonite
 
Security Threats for SMBs
Security Threats for SMBsSecurity Threats for SMBs
Security Threats for SMBsGFI Software
 
2014 State of Backup for SMBs
2014 State of Backup for SMBs2014 State of Backup for SMBs
2014 State of Backup for SMBsCarbonite
 
Three tools to reduce employee apathy
Three tools to reduce employee apathyThree tools to reduce employee apathy
Three tools to reduce employee apathyStephen P. Abbey
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareGFI Software
 
The CISO’s Guide to Being Human
The CISO’s Guide to Being HumanThe CISO’s Guide to Being Human
The CISO’s Guide to Being HumanClearswift
 
How to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productHow to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productGFI Software
 
Security Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersSecurity Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersThe Lorenzi Group
 
Risk neversleeps wps-016
Risk neversleeps wps-016Risk neversleeps wps-016
Risk neversleeps wps-016Jake Lepine
 
CMIT 425 RISK ASSESSMENT PAPER
CMIT 425 RISK ASSESSMENT PAPERCMIT 425 RISK ASSESSMENT PAPER
CMIT 425 RISK ASSESSMENT PAPERHamesKellor
 
The Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeThe Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeEMC
 
I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...
I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...
I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...1E: Software Lifecycle Automation
 
Cybersecurity tips for employees
Cybersecurity tips for employeesCybersecurity tips for employees
Cybersecurity tips for employeesPriscila Bernardes
 
Patch management
Patch managementPatch management
Patch managementGFI Software
 
Intelligent information: New Rules for Managing the Customer Experience
Intelligent information: New Rules for Managing the Customer ExperienceIntelligent information: New Rules for Managing the Customer Experience
Intelligent information: New Rules for Managing the Customer ExperienceJohn Mancini
 
What's in your digital landfill?
What's in your digital landfill?What's in your digital landfill?
What's in your digital landfill?John Mancini
 
Secure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentsSecure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentse.law International
 
V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...VMware_EMEA
 
ContinuitySA Chronicles Q3 2013 Newsletter
ContinuitySA Chronicles Q3 2013 NewsletterContinuitySA Chronicles Q3 2013 Newsletter
ContinuitySA Chronicles Q3 2013 NewsletterCindy Bodenstein
 
Aiim capture trends 2009 2010
Aiim capture trends 2009 2010Aiim capture trends 2009 2010
Aiim capture trends 2009 2010Vander Loto
 
Aiim electronic records management trends
Aiim electronic records management trendsAiim electronic records management trends
Aiim electronic records management trendsVander Loto
 
Large-Scale Remote Access & Mobility
Large-Scale Remote Access & MobilityLarge-Scale Remote Access & Mobility
Large-Scale Remote Access & Mobility Array Networks
 
Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Bala Guntipalli ♦ MBA
 
5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams 5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams Arun Chinnaraju MBA, PMP, CSM, CSPO, SA
 
Protecting Corporate Information in the Cloud
Protecting Corporate Information in the CloudProtecting Corporate Information in the Cloud
Protecting Corporate Information in the CloudSymantec
 
BBA 3551, Information Systems Management 1 Course Lea.docx
BBA 3551, Information Systems Management 1 Course Lea.docx BBA 3551, Information Systems Management 1 Course Lea.docx
BBA 3551, Information Systems Management 1 Course Lea.docxaryan532920
 
Manual user provisioning is dangerous
Manual user provisioning is dangerousManual user provisioning is dangerous
Manual user provisioning is dangerousDigital Devices LTD: Top B2B IT Reseller in UK | Digital Devices
 

More Related Content

What's hot

The CISO’s Guide to Being Human
The CISO’s Guide to Being HumanThe CISO’s Guide to Being Human
The CISO’s Guide to Being HumanClearswift
 
How to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productHow to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productGFI Software
 
Security Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersSecurity Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersThe Lorenzi Group
 
Risk neversleeps wps-016
Risk neversleeps wps-016Risk neversleeps wps-016
Risk neversleeps wps-016Jake Lepine
 
CMIT 425 RISK ASSESSMENT PAPER
CMIT 425 RISK ASSESSMENT PAPERCMIT 425 RISK ASSESSMENT PAPER
CMIT 425 RISK ASSESSMENT PAPERHamesKellor
 
The Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeThe Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeEMC
 
I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...
I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...
I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...1E: Software Lifecycle Automation
 
Cybersecurity tips for employees
Cybersecurity tips for employeesCybersecurity tips for employees
Cybersecurity tips for employeesPriscila Bernardes
 
Intelligent information: New Rules for Managing the Customer Experience
Intelligent information: New Rules for Managing the Customer ExperienceIntelligent information: New Rules for Managing the Customer Experience
Intelligent information: New Rules for Managing the Customer ExperienceJohn Mancini
 
What's in your digital landfill?
What's in your digital landfill?What's in your digital landfill?
What's in your digital landfill?John Mancini
 
Secure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentsSecure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentse.law International
 
V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...VMware_EMEA
 
ContinuitySA Chronicles Q3 2013 Newsletter
ContinuitySA Chronicles Q3 2013 NewsletterContinuitySA Chronicles Q3 2013 Newsletter
ContinuitySA Chronicles Q3 2013 NewsletterCindy Bodenstein
 
Aiim capture trends 2009 2010
Aiim capture trends 2009 2010Aiim capture trends 2009 2010
Aiim capture trends 2009 2010Vander Loto
 
Aiim electronic records management trends
Aiim electronic records management trendsAiim electronic records management trends
Aiim electronic records management trendsVander Loto
 
Large-Scale Remote Access & Mobility
Large-Scale Remote Access & MobilityLarge-Scale Remote Access & Mobility
Large-Scale Remote Access & Mobility Array Networks
 
Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Bala Guntipalli ♦ MBA
 

What's hot (18)

The CISO’s Guide to Being Human
The CISO’s Guide to Being HumanThe CISO’s Guide to Being Human
The CISO’s Guide to Being Human
 
How to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productHow to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware product
 
Security Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud ExaminersSecurity Analytics for Certified Fraud Examiners
Security Analytics for Certified Fraud Examiners
 
Risk neversleeps wps-016
Risk neversleeps wps-016Risk neversleeps wps-016
Risk neversleeps wps-016
 
CMIT 425 RISK ASSESSMENT PAPER
CMIT 425 RISK ASSESSMENT PAPERCMIT 425 RISK ASSESSMENT PAPER
CMIT 425 RISK ASSESSMENT PAPER
 
The Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeThe Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure Age
 
I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...
I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...
I AM NOT A NUMBER WHY USER EMPOWERMENT IS GAINING GROUND IN FORWARD-THINKING ...
 
Cybersecurity tips for employees
Cybersecurity tips for employeesCybersecurity tips for employees
Cybersecurity tips for employees
 
Patch management
Patch managementPatch management
Patch management
 
Intelligent information: New Rules for Managing the Customer Experience
Intelligent information: New Rules for Managing the Customer ExperienceIntelligent information: New Rules for Managing the Customer Experience
Intelligent information: New Rules for Managing the Customer Experience
 
What's in your digital landfill?
What's in your digital landfill?What's in your digital landfill?
What's in your digital landfill?
 
Secure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentsSecure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documents
 
V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...
 
ContinuitySA Chronicles Q3 2013 Newsletter
ContinuitySA Chronicles Q3 2013 NewsletterContinuitySA Chronicles Q3 2013 Newsletter
ContinuitySA Chronicles Q3 2013 Newsletter
 
Aiim capture trends 2009 2010
Aiim capture trends 2009 2010Aiim capture trends 2009 2010
Aiim capture trends 2009 2010
 
Aiim electronic records management trends
Aiim electronic records management trendsAiim electronic records management trends
Aiim electronic records management trends
 
Large-Scale Remote Access & Mobility
Large-Scale Remote Access & MobilityLarge-Scale Remote Access & Mobility
Large-Scale Remote Access & Mobility
 
Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...
 

Similar to BetterCloud Whitepaper: Offboarding Inefficiencies and Security Threats

Protecting Corporate Information in the Cloud
Protecting Corporate Information in the CloudProtecting Corporate Information in the Cloud
Protecting Corporate Information in the CloudSymantec
 
BBA 3551, Information Systems Management 1 Course Lea.docx
BBA 3551, Information Systems Management 1 Course Lea.docx BBA 3551, Information Systems Management 1 Course Lea.docx
BBA 3551, Information Systems Management 1 Course Lea.docxaryan532920
 
Microsoft DATA Protection To Put secure.
Microsoft DATA Protection To Put secure.Microsoft DATA Protection To Put secure.
Microsoft DATA Protection To Put secure.jayceewong1
 
Exploring new mobile and cloud platforms without a governance .docx
Exploring new mobile and cloud platforms without a governance .docxExploring new mobile and cloud platforms without a governance .docx
Exploring new mobile and cloud platforms without a governance .docxssuser454af01
 
1594884 - Pearson Education Limited ©Q7-8 2026 Within t.docx
1594884 - Pearson Education Limited ©Q7-8 2026 Within t.docx1594884 - Pearson Education Limited ©Q7-8 2026 Within t.docx
1594884 - Pearson Education Limited ©Q7-8 2026 Within t.docxdurantheseldine
 
Cybersecurity tips for employees
Cybersecurity tips for employeesCybersecurity tips for employees
Cybersecurity tips for employeesPriscila Bernardes
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataOnline Business
 
Replies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxReplies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxsodhi3
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForcePatrick Bouillaud
 
Account Takeover: The Best Practices for Full Protection
Account Takeover: The Best Practices for Full ProtectionAccount Takeover: The Best Practices for Full Protection
Account Takeover: The Best Practices for Full ProtectionKalin Hitrov
 
A Survey On Data Leakage Detection
A Survey On Data Leakage DetectionA Survey On Data Leakage Detection
A Survey On Data Leakage DetectionIJERA Editor
 
Discussion 300 wordsSearch scholar.google.com or your textbook
Discussion 300 wordsSearch scholar.google.com or your textbookDiscussion 300 wordsSearch scholar.google.com or your textbook
Discussion 300 wordsSearch scholar.google.com or your textbookhuttenangela
 
The 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementThe 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementJumpCloud
 
Cultivate a stronger corporate culture to enhance cybersecurity
Cultivate a stronger corporate culture to enhance cybersecurityCultivate a stronger corporate culture to enhance cybersecurity
Cultivate a stronger corporate culture to enhance cybersecurityDavid X Martin
 

Similar to BetterCloud Whitepaper: Offboarding Inefficiencies and Security Threats (20)

5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams 5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams
 
Protecting Corporate Information in the Cloud
Protecting Corporate Information in the CloudProtecting Corporate Information in the Cloud
Protecting Corporate Information in the Cloud
 
BBA 3551, Information Systems Management 1 Course Lea.docx
BBA 3551, Information Systems Management 1 Course Lea.docx BBA 3551, Information Systems Management 1 Course Lea.docx
BBA 3551, Information Systems Management 1 Course Lea.docx
 
Manual user provisioning is dangerous
Manual user provisioning is dangerousManual user provisioning is dangerous
Manual user provisioning is dangerous
 
Microsoft DATA Protection To Put secure.
Microsoft DATA Protection To Put secure.Microsoft DATA Protection To Put secure.
Microsoft DATA Protection To Put secure.
 
The Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent ThemThe Top Ten Insider Threats And How To Prevent Them
The Top Ten Insider Threats And How To Prevent Them
 
Exploring new mobile and cloud platforms without a governance .docx
Exploring new mobile and cloud platforms without a governance .docxExploring new mobile and cloud platforms without a governance .docx
Exploring new mobile and cloud platforms without a governance .docx
 
1594884 - Pearson Education Limited ©Q7-8 2026 Within t.docx
1594884 - Pearson Education Limited ©Q7-8 2026 Within t.docx1594884 - Pearson Education Limited ©Q7-8 2026 Within t.docx
1594884 - Pearson Education Limited ©Q7-8 2026 Within t.docx
 
Cybersecurity tips for employees
Cybersecurity tips for employeesCybersecurity tips for employees
Cybersecurity tips for employees
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdata
 
Security and SMBs
Security and SMBsSecurity and SMBs
Security and SMBs
 
Replies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docxReplies Required for below Posting 1 user security awarene.docx
Replies Required for below Posting 1 user security awarene.docx
 
IBM X-Force.PDF
IBM X-Force.PDFIBM X-Force.PDF
IBM X-Force.PDF
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-Force
 
Account Takeover: The Best Practices for Full Protection
Account Takeover: The Best Practices for Full ProtectionAccount Takeover: The Best Practices for Full Protection
Account Takeover: The Best Practices for Full Protection
 
A Survey On Data Leakage Detection
A Survey On Data Leakage DetectionA Survey On Data Leakage Detection
A Survey On Data Leakage Detection
 
Discussion 300 wordsSearch scholar.google.com or your textbook
Discussion 300 wordsSearch scholar.google.com or your textbookDiscussion 300 wordsSearch scholar.google.com or your textbook
Discussion 300 wordsSearch scholar.google.com or your textbook
 
The 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementThe 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity Management
 
Fy17 sec shadow_it-e_book_final_032417
Fy17 sec shadow_it-e_book_final_032417Fy17 sec shadow_it-e_book_final_032417
Fy17 sec shadow_it-e_book_final_032417
 
Cultivate a stronger corporate culture to enhance cybersecurity
Cultivate a stronger corporate culture to enhance cybersecurityCultivate a stronger corporate culture to enhance cybersecurity
Cultivate a stronger corporate culture to enhance cybersecurity
 

More from BetterCloud

2020 State of SaaSOps Report
2020 State of SaaSOps Report2020 State of SaaSOps Report
2020 State of SaaSOps ReportBetterCloud
 
ALTITUDE 2019 | Corporate Engineer: The New IT Admin
ALTITUDE 2019 | Corporate Engineer: The New IT AdminALTITUDE 2019 | Corporate Engineer: The New IT Admin
ALTITUDE 2019 | Corporate Engineer: The New IT AdminBetterCloud
 
ALTITUDE 2019 | Smart Scaling through Automation: How to Scale Without Adding...
ALTITUDE 2019 | Smart Scaling through Automation: How to Scale Without Adding...ALTITUDE 2019 | Smart Scaling through Automation: How to Scale Without Adding...
ALTITUDE 2019 | Smart Scaling through Automation: How to Scale Without Adding...BetterCloud
 
ALTITUDE 2019 | Enabling Productivity with Agile Security
ALTITUDE 2019 | Enabling Productivity with Agile SecurityALTITUDE 2019 | Enabling Productivity with Agile Security
ALTITUDE 2019 | Enabling Productivity with Agile SecurityBetterCloud
 
ALTITUDE 2019 | SaaSOps Stars Awards
ALTITUDE 2019 | SaaSOps Stars AwardsALTITUDE 2019 | SaaSOps Stars Awards
ALTITUDE 2019 | SaaSOps Stars AwardsBetterCloud
 
ALTITUDE 2019 | Lessons in IT Leadership
ALTITUDE 2019 | Lessons in IT LeadershipALTITUDE 2019 | Lessons in IT Leadership
ALTITUDE 2019 | Lessons in IT LeadershipBetterCloud
 
ALTITUDE 2019 | Automate Your Team Out of (Boring) Jobs with SaaS Operations
ALTITUDE 2019 | Automate Your Team Out of (Boring) Jobs with SaaS OperationsALTITUDE 2019 | Automate Your Team Out of (Boring) Jobs with SaaS Operations
ALTITUDE 2019 | Automate Your Team Out of (Boring) Jobs with SaaS OperationsBetterCloud
 
ALTITUDE 2019 | Your SaaSOps Platform
ALTITUDE 2019 | Your SaaSOps PlatformALTITUDE 2019 | Your SaaSOps Platform
ALTITUDE 2019 | Your SaaSOps PlatformBetterCloud
 
ALTITUDE 2019 | SaaSOps
ALTITUDE 2019 | SaaSOpsALTITUDE 2019 | SaaSOps
ALTITUDE 2019 | SaaSOpsBetterCloud
 
BetterCloud Whitepaper: Fixing IT's Blindspots – 8 Critical Security and Mana...
BetterCloud Whitepaper: Fixing IT's Blindspots – 8 Critical Security and Mana...BetterCloud Whitepaper: Fixing IT's Blindspots – 8 Critical Security and Mana...
BetterCloud Whitepaper: Fixing IT's Blindspots – 8 Critical Security and Mana...BetterCloud
 
451 Research Report: BetterCloud Pioneers the Emerging SaaS Operations Manage...
451 Research Report: BetterCloud Pioneers the Emerging SaaS Operations Manage...451 Research Report: BetterCloud Pioneers the Emerging SaaS Operations Manage...
451 Research Report: BetterCloud Pioneers the Emerging SaaS Operations Manage...BetterCloud
 
The 10 Commandments of the SaaS-Powered Workplace
The 10 Commandments of the SaaS-Powered WorkplaceThe 10 Commandments of the SaaS-Powered Workplace
The 10 Commandments of the SaaS-Powered WorkplaceBetterCloud
 
The 2016 State of Cloud IT Report
The 2016 State of Cloud IT ReportThe 2016 State of Cloud IT Report
The 2016 State of Cloud IT ReportBetterCloud
 

More from BetterCloud (13)

2020 State of SaaSOps Report
2020 State of SaaSOps Report2020 State of SaaSOps Report
2020 State of SaaSOps Report
 
ALTITUDE 2019 | Corporate Engineer: The New IT Admin
ALTITUDE 2019 | Corporate Engineer: The New IT AdminALTITUDE 2019 | Corporate Engineer: The New IT Admin
ALTITUDE 2019 | Corporate Engineer: The New IT Admin
 
ALTITUDE 2019 | Smart Scaling through Automation: How to Scale Without Adding...
ALTITUDE 2019 | Smart Scaling through Automation: How to Scale Without Adding...ALTITUDE 2019 | Smart Scaling through Automation: How to Scale Without Adding...
ALTITUDE 2019 | Smart Scaling through Automation: How to Scale Without Adding...
 
ALTITUDE 2019 | Enabling Productivity with Agile Security
ALTITUDE 2019 | Enabling Productivity with Agile SecurityALTITUDE 2019 | Enabling Productivity with Agile Security
ALTITUDE 2019 | Enabling Productivity with Agile Security
 
ALTITUDE 2019 | SaaSOps Stars Awards
ALTITUDE 2019 | SaaSOps Stars AwardsALTITUDE 2019 | SaaSOps Stars Awards
ALTITUDE 2019 | SaaSOps Stars Awards
 
ALTITUDE 2019 | Lessons in IT Leadership
ALTITUDE 2019 | Lessons in IT LeadershipALTITUDE 2019 | Lessons in IT Leadership
ALTITUDE 2019 | Lessons in IT Leadership
 
ALTITUDE 2019 | Automate Your Team Out of (Boring) Jobs with SaaS Operations
ALTITUDE 2019 | Automate Your Team Out of (Boring) Jobs with SaaS OperationsALTITUDE 2019 | Automate Your Team Out of (Boring) Jobs with SaaS Operations
ALTITUDE 2019 | Automate Your Team Out of (Boring) Jobs with SaaS Operations
 
ALTITUDE 2019 | Your SaaSOps Platform
ALTITUDE 2019 | Your SaaSOps PlatformALTITUDE 2019 | Your SaaSOps Platform
ALTITUDE 2019 | Your SaaSOps Platform
 
ALTITUDE 2019 | SaaSOps
ALTITUDE 2019 | SaaSOpsALTITUDE 2019 | SaaSOps
ALTITUDE 2019 | SaaSOps
 
BetterCloud Whitepaper: Fixing IT's Blindspots – 8 Critical Security and Mana...
BetterCloud Whitepaper: Fixing IT's Blindspots – 8 Critical Security and Mana...BetterCloud Whitepaper: Fixing IT's Blindspots – 8 Critical Security and Mana...
BetterCloud Whitepaper: Fixing IT's Blindspots – 8 Critical Security and Mana...
 
451 Research Report: BetterCloud Pioneers the Emerging SaaS Operations Manage...
451 Research Report: BetterCloud Pioneers the Emerging SaaS Operations Manage...451 Research Report: BetterCloud Pioneers the Emerging SaaS Operations Manage...
451 Research Report: BetterCloud Pioneers the Emerging SaaS Operations Manage...
 
The 10 Commandments of the SaaS-Powered Workplace
The 10 Commandments of the SaaS-Powered WorkplaceThe 10 Commandments of the SaaS-Powered Workplace
The 10 Commandments of the SaaS-Powered Workplace
 
The 2016 State of Cloud IT Report
The 2016 State of Cloud IT ReportThe 2016 State of Cloud IT Report
The 2016 State of Cloud IT Report
 

Recently uploaded

APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 

Recently uploaded (20)

APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 

BetterCloud Whitepaper: Offboarding Inefficiencies and Security Threats

  • 1. W H I T E P A P E R Identifying and Eliminating Employee Offboarding Inefficiencies and Security Threats
  • 2. info@bettercloud.com | (888) 999-0805 2 Table of Contents Offboarding as an Organizational Issue ................................................... 3 3 Reasons Modern Day Offboarding is Getting More Complex ............................................................................. 4 The Top 4 Threats Posed by Improper Offboarding (and How to Address Each) ......................................................................... 6 5 Key Benefits of Orchestrated Offboarding ......................................... 10 Case Study: SaaS Offboarding Orchestration in the World of High-Tech Venture Capital ............................................. 12
  • 3. info@bettercloud.com | (888) 999-0805 3 Offboarding as an Organizational Issue First of all, we want to offer our apologies for any inconvenience. Unfortunately, an ex-administrator has deleted all customer data and wiped most servers. Because of this, we took the necessary steps to temporarily take our network offline.” Message posted on verelox.com after an improper offboarding incident. “ As of this writing, Verelox, a virtual and dedicated server provider, has yet to relaunch its site after an ex-employee was improperly offboarded. That’s 30+ days with no website, likely leading to severe losses of both customers and revenue. It’s time for everyone, from investors to IT, to own up to a harsh truth. Neglect is no longer an option. Verelox is a victim of a phenomenon that shows zero mercy, turning successful companies into skeletal ruins (see also: RealityCheckNetwork). How is it possible that this little talked about topic that is a vital operating aspect of every organization is often masquerading as a checklist chore for a newly hired IT admin? Every department and every employee has (or will one day soon) be affected by offboarding. But a closer examination shows that offboarding departing employees has become extremely complicated in today’s modern workplaces. Data lives in multiple siloed applications, some sanctioned by IT and some not, and often there is no way for IT to take action quickly enough (if at all) to prevent potential catastrophes like those above during offboarding. Executives should care because offboarding affects the bottom line, under the guise of data breaches, failed compliance, hindered productivity, data loss, and even loss of revenue. Every employee should care because improper offboarding can cost them their jobs, lead to identity theft, litigation, and lifelong negative career impacts. It’s time to know the threats off offboarding and start working toward a solution.
  • 4. info@bettercloud.com | (888) 999-0805 4 3 Reasons Modern Day Offboarding is Getting More Complex The Gig Economy The employee that sticks around for 10-plus years is a rare one indeed. It’s common now to change jobs after couple of years. In fact, the Bureau of Labor Statistics confirms that as of 2016, the average employee changes jobs every 4.2 years, down 9% from just two years prior. This number is only going to decrease in the future. This type of turnover is nothing new. But the technology involved is. SaaS has altered the playing field, and as a result, most companies approach to offboarding is ad hoc. Despite the frequency, inevitability, and potential to cause chaos, offboarding is nothing more than a PDF checklist. What’s more, with the rise of freelancers, contractors, and consultants, “turnover” is more prevalent than ever. So much so that the trend has been dubbed the “gig” economy. Already, freelancers make up 35% of the U.S. workforce. By 2020 (less than three years away), experts believe this number could rise to nearly 50%. What happens when companies are working with too many freelancers, granting access to data and applications, but failing to revoke it? SaaS technology continues to make it easier than ever to collaborate. New apps like Google Drive, Dropbox, and Slack encourage sharing and make collaboration simple. While this drives productivity, it also allows data to flow freely (sometimes outside your organization) and makes that data difficult to track down and control. This new style of workforce and the tendency to change jobs every few years is a growing concern, adding complexity to an already challenging task. 1 2Sheer Volume of Applications Creates Additional Risk According to an Intermedia and Osterman Research report, 89% of ex-employees retain access to email accounts, Salesforce, SharePoint, and other sensitive corporate applications, including some applications not often considered sensitive but that have the potential to damage a company’s brand (Facebook) or bank account (PayPal). And 49% actually log into an account after leaving the company. What does this mean for organizations? • Without a policy in place to prevent it, ex-employees can usually access applications and company data. • Odds are high (over 50%) that if they can access it, they will. • Even the most well-intentioned people will try to leave with company data, whether it’s on purpose or not. Preventing access to approved applications is one thing, but imagine offboarding an influential employee who worked extensively with applications IT didn’t know existed? How would a company get that information back? They can ask nicely, but that’s about the extent of their power. Whether it’s frowned upon, or even forbidden, employees will rarely place security above productivity. That’s why security controls are necessary. Exiting employees should never take data or application access with them when
  • 5. info@bettercloud.com | (888) 999-0805 5 3 they leave. This exposure not only makes companies vulnerable to data breaches, but it also opens the door for compliance issues, productivity loss, and potentially even lost revenue or destruction of shareholder value. Data Sprawl Across Applications Creates Complexity Today, data is created at an unprecedented rate. It’s common for employees to send and receive more close to 3,000 emails a month. Executives might receive more than 10,000. Within days of being hired, an employee will likely have access to thousands of company documents. They’ll gain access to applications, forward emails or share documents with personal accounts, and handle sensitive data on personal devices using unsecured Wi-Fi networks. For years, executives (and productivity application vendors) have focused on driving productivity through increased collaboration. But the result, when not executed with the full oversight of IT, is high productivity coupled with significant security exposures. In other words, almost zero control for IT. It’s a multi-SaaS maelstrom, and it makes processes like employee offboarding extremely difficult to plan for, let alone execute, properly.
  • 6. info@bettercloud.com | (888) 999-0805 6 The Top 4 Threats Posed by Improper Offboarding (and How to Address Each) Offboarding begins long before an employee’s last day. Or at least it should. However, the vast majority of companies think about offboarding when it becomes a problem, not before. But what happens if neglect becomes the only strategy? The results are potentially devastating. A simple offboarding error can cost an entire IT team their jobs, not to mention C-level executives. Knowing the risks and taking preventative and proactive actions to protect data won’t go unnoticed, especially if the complexity and value of those measures are articulated. Offboarding is a dirty job, but somebody has to do it. And that somebody needs to do it right. Exiting Employee Steals or Inappropriately Accesses Company Data with Malicious Intent A data breach is likely the first thought that occurs when discussing offboarding risks. Afterall, a departing employee is likely to leave a company on less than amicable terms. This is called an insider threat, and it’s one of the most common causes of data breaches. For companies that want to avoid this threat, there are many preventative measures that can be taken, many of which take place prior to “offboarding” even officially begins. Here are a few common preventative practices: Step 1 - Prevent email forwarding and sharing files to personal accounts. Offboarding should start begins before it really ever begins. For most employees, it’s not a big deal to take valuable information with them when they switch jobs. Sometimes it’s harmless. Employees simply forwarding personal notes or other miscellaneous emails. But other times, intellectual property is stolen. Even customer and employee personally identifiable information (PII) can slip through the cracks. Compliance can become a major concern. Policies can (and in many cases should) be in place to prevent this type of behavior. Step 2 - Reset shared passwords. At most companies, and in most departments, there are common passwords that are used for shared accounts. These are spread via word of mouth or made accessible in password managers. They are often simple to remember. When an employee exits, they don’t suddenly forget these commonly known passwords. IT should take it on themselves to reset these passwords during offboarding. A password manager like LastPass can make this process easier to execute, as well as add an extra layer of security by enforcing very complex passwords because no one needs to remember them in the first place. Step 3 - Revoke access to all applications. It should take just seconds, not minutes, hours, or days for IT to revoke access to applications as soon as an employee exits. Failure to do so is a severe concern. An ex-employee with bad intentions can wreak havoc on purpose. An ex-employee with good intentions can wreak havoc by accident. Either way, revoking access to all applications should be done in a timely (i.e. immediate) fashion. Be sure to examine which applications may retain authentication through OAuth tokens even after a user’s 1
  • 7. info@bettercloud.com | (888) 999-0805 7 password is changed on the account. There are countless examples (here’s one) of users staying signed in to applications via OAuth even after their password has been changed. Step 4 - Collect and/or wipe data from devices. Much like revoking access to applications, immediately when an employee walks out the door, company data should be removed from mobile devices, whether they are owned by the company or the ex-employee. Without doing so, a company is vulnerable. There are a variety of mobile device management solutions on the market to help enforce a policy here, although stock solutions like G Suite’s device management controls are often enough these days, if your company is not dealing with much sensitive information in offline files. However, you still need to automate the execution of these steps in order to protect against exposure. Compliance Violations or Breaches of Confidentiality Due to Administrative Errors There are a number of industry regulations and compliance standards that apply to offboarding, not to mention the fact that offboarding almost universally deals with information that’s confidential to the organization or even to the individual. And IT is responsible for making all of this work. To reduce the risk of administrative errors, compliance violations, and breaches of confidentiality during the offboarding process, companies must use technology that enables them to: Step 1 - Employ a granular least privilege model (even outside of IT). When it comes to compliance, IT should consider a least privilege approach, meaning anyone in the organization only has the access necessary to do their jobs and nothing more. If an IT team member or other functional role involved in offboarding (such as HR) does not need access to the contents of a user’s files, or to certain sets of sensitive information, then don’t give them the opportunity to cause harm (intentionally or by accident) by providing access to this information simply because they are involved in offboarding. Stick to least privilege vigorously. This approach will help companies avoid potential privacy and confidentiality violations, as well as eliminate many compliance concerns. Step 2 - Prevent unnecessary exposure of sensitive information. Sensitive information like social security numbers and banking details are all involved in the offboarding process. To prevent unnecessary distribution, regular expression DLP policies can help ensure sensitive information isn’t accidentally shared with co-workers (and even external parties). Situations like these are not only likely compliance violations, but also lawsuits waiting to happen. Step 3 - Ensure your systems leave detailed audit logs. If a company is about to undergo a security audit or is renewing or seeking a security certification or attestation, offboarding process execution may be scrutinized. Auditors may ask for companies to provide detailed records of the offboarding procedures. These logs should contain what actions were taken, who took them, and when they were taken. Detailed audit logs make this audit process easy, and any lack of detail is nearly impossible to remediate. Step 4 - Retain data and create reliable backups. In many legal cases and with many service level agreements (SLAs), companies are 2
  • 8. info@bettercloud.com | (888) 999-0805 8 required to retain data for many years (some companies retain it indefinitely). Accidental deletion of accounts or improper back ups will lead to data loss and potential legal issues. This isn’t anything any admin or company wants to experience. Many services are purpose-built to prevent this from happening. Step 5 - Wipe only corporate data off of employee-owned devices. Mobile device management (MDM), gives IT the power to remotely wipe devices. Mistakenly, devices can be wiped of all data, both personal and corporate. This creates a serious legal situation if the proper agreements have not been signed. There are horror stories of IT admins wiping devices that contain nearly finished novels or photos of newborns. Obviously, blame is shared in these scenarios, but in the end, it’s IT that faces the most scrutiny and the company that pays up. Unnecessarily High Expenses Due to Unused Licenses and Unknown Recurring Payments Odds are you are paying for licenses and possibly even applications that aren’t being used. Whether due to fear of data loss or lack of time, many companies are stuck in an expensive limbo when it comes to SaaS license spend. IT can put policies in place to prevent this. Whether it’s idle licenses, unused storage, or devices collecting dust, many of these expenses are the result of incomplete offboarding processes. Since offboarding is often a multi- phase process, the final steps can fall through the cracks. Step 1 - Set a threshold on suspended licenses. Depending on the application, companies may be billed for licenses sitting in a suspended state. A single SaaS application license may cost a company around $50 a year — not a big deal. But many companies never clean up suspended licenses and are simply throwing away thousands of dollars a month. Companies should keep tabs on licenses assigned to former employees. One quick way to do this is set a threshold on the number of suspended licenses you’re willing to permit in each given SaaS application (based on how they bill for these licenses). Step 2 - Prohibit employees from using company cards for unapproved applications. This is a surprisingly common cost that flies under the radar. It’s common across many departments and there is really no easy answer. A solid solution: Sit with the Finance team and review every SaaS license paid for through a company credit card. Then, make a decision on whether or not IT should bring unapproved apps under their control or stop paying for them. If a user goes around IT and is expensing SaaS apps on their own card, a simple solution to curb this behavior is to warn employees that SaaS apps on personal cards will no longer be reimbursed. Step 3 - Free up and reassign suspended licenses. In most SaaS applications, when you fully delete a user you are left with a license that can be assigned to another employee, and you may or may not be paying for that license while it’s not assigned. Be sure to use these licenses first when onboarding new employees. And some SaaS applications, like G Suite, even offer special license types for former employees. In G Suite these are called Vault Former Employee licenses (note: this particular license type is only available to former Postini customers), and reduce license costs while retaining user data. 3
  • 9. info@bettercloud.com | (888) 999-0805 9 Productivity LossCausedby Miscommunication and Lack of Documentation When change occurs, business activities are interrupted and productivity stalls. But the impact of change caused by offboarding can be lessened. Step 1 - Document important processes. While this might not fall under “data loss” or “offboarding” in the traditional sense, it is a potential threat that must be considered. Companies should seek to change the way employees operate and encourage constant documentation. This is a top-down issue that executives (as well as IT leaders) should push for. Step 2 - Avoid ad hoc scripts and undocumented automations. If the employee is in IT and relies heavily on custom-built scripts to automate certain tasks, those scripts will inevitably break and require maintenance. Companies should bring own their automations, meaning the ability to execute, alter, and update them should pass seamlessly from one employee to the next. If not, the employee can leave a company in a difficult position should they leave. Step 3 - Ensure successful file ownership transfers. File ownership is tricky when it comes to SaaS applications like Google Drive, Dropbox, and others. If important documents are transferred to the wrong person, it creates a huge headache for IT and everyone who needs to access those files. Step 4 - Handle email with care. One of the most common points of failure during offboarding is email. Should the ex- employee’s entire email be accessible by the employee’s manager? Or should all future emails be forwarded to a certain person? What exactly should the autoresponder say? How long should an autoresponder remain active? These questions vary greatly from employee to employee. The answer is likely a decision that can only be made through open communication. Step 5 - Manage calendars and resources. When an employee exits, it’s especially difficult to handle anything related to calendars and resources. While it might seem small, a booked resource that goes unused is a wasted expense and could have been used in a more productive way. On top of that, if a user is deleted, any recurring meetings or secondary calendars that user owns will be deleted as well. Step 6 - Build orchestrated offboarding processes. Too much time is wasted in IT doing manual, repetitive tasks. If offboarding is done manually and correctly, it will likely take a significant amount of time. Admins will have to go into each application’s admin console and deprovision a user. Automating tasks is helpful, but when they’re compiled together, something much more powerful is created. 4
  • 10. info@bettercloud.com | (888) 999-0805 10 5 Key Benefits of Orchestrated Offboarding There’s a misconception that deprovisioning and offboarding are the same. However, deprovisioning is just one small aspect of the greater offboarding process, which is much more complex than simply cutting off access to an application. (For example, think about document transfers, device wipes, autoresponders, inbox delegation, etc..) Based on customer research, the offboarding process for a single G Suite user consists of 28 manual steps, on average. This manual workload is exactly why companies can no longer ignore the increasing complexity and growing number of threats associated with offboarding. As more applications are adopted, a more strategic approach is necessary. Fortunately, platforms built for multi-SaaS environments exist to help companies manage SaaS applications and simplify offboarding through orchestration. But outside of IT, many employees don’t understand the ROI of orchestration. This list will help you explain the benefits to anyone. Reduces Human Error and Improves Offboarding Precision Orchestration and automation remove the human element from offboarding process execution, greatly reducing the probability of error. Additionally, offboarding procedures will routinely change. The more manual the process, the more room there is for mistakes. Well- polished orchestrated offboarding operates with precision. What needs to be done gets done. Every time, exactly when expected, without fail. No matter what. 1 Provides Clean Audit Logs for Compliance and Internal Review Audits aren’t fun for anyone. Companies fail audits because of improper offboarding, whether that’s caused by a lack of documentation or poor execution. A solution that enables orchestration, offers a user interface, and ensure every change and action is recorded makes passing an audit much simpler. It’s a huge time saver because companies don’t have to dig into the admin consoles of a bunch of apps to duct tape audit logs together. Orchestration also makes it easier to spot an error should it occur. It’s like finding a broken link in a chain instead of a needle in a haystack. Enables Iterative, Scalable Customization that Evolves as Companies Change Offboarding best practices from four years ago look totally different than today’s best practices. Technology has forced companies to adapt. Orchestration enables IT to keep up with the pace of change by allowing for iterative change instead of just adding another step to an already time-consuming process. Orchestrated offboarding is about tweaks, as opposed to overhauls. A new step is just another automated action. It’s simply an iteration of an existing workflow. 2 3
  • 11. info@bettercloud.com | (888) 999-0805 11 Carries Out Many Vital Offboarding Steps in Seconds Many companies do offboarding 100% right, however, it takes too long. With orchestrated offboarding, companies can perform a flurry of tasks almost instantly. Not only does this free up valuable time, but it also reduces risks by performing important security-related tasks automatically and in quick succession. After all, every minute an exiting employee can still access company data is another minute a company is at risk of a data or compliance breach. 4 5Offers Simplicity and Control Over Offboarding Processes Offboarding isn’t simple. If it were, people wouldn’t shy away from it so much. With more automation, and fewer dashboards involved, offboarding becomes less taxing from a documentation and training perspective. If a member of a team leaves, a new person should be able to pick things up immediately. If not, a company is probably dependent on the capabilities of a single employee. It must be simpler. Orchestration is the answer.
  • 12. info@bettercloud.com | (888) 999-0805 12 Case Study: SaaS Offboarding Orchestration in the World of High-Tech Venture Capital The Necessity of Precise and Immediate Offboarding “Thirty seconds.” That’s how much time Ryan Donnon needs before he can confidently look an investor in the eye and say: “We’re good. Everything sensitive is protected.” That’s effective offboarding. Donnon works as the IT and data manager at First Round Capital, a top-tier early-stage venture capital firm with over $700mm in capital under management, and 6 IPOs and 92 acquisitions under its belt. Due to the nature of the business, employees handle sensitive financials and proprietary information on a daily basis and thus Ryan understands the importance of offboarding. Data simply cannot be publicly exposed. Mistakes and delays aren’t an option. “If there’s ever a fire drill and someone needs to be offboarded immediately, I can’t say to a partner or a supervisor, ‘It’ll be two hours until their access is revoked.’” As a result, Donnon has created a fully orchestrated offboarding process, which helps him ensure precision, immediacy, and reliability. As soon as an employee exits the building, Donnon’s offboarding process, which takes only a “couple of clicks” to complete, revokes access to SaaS applications like Salesforce, Slack, and G Suite. Ryan Donnon
  • 13. info@bettercloud.com | (888) 999-0805 13 Eliminating Exposure with Offboarding Orchestration Like many IT professionals, Donnon agrees that the shift to SaaS has produced new opportunities and challenges. The challenges are particularly noticeable with offboarding, he says. “SaaS creates a lot of exposure for me when employees leave the company.” Using BetterCloud, Donnon eliminates this exposure in seconds. When an employee exits, Donnon “fires off a BetterCloud workflow,” which does a “bunch of things” he used to have to remember to do manually. “The workflow immediately removes them from all groups, deactivates two-factor authentication, resets their password, and revokes authentication tokens for all of the applications that the employee has connected to their account. And most recently, I’ve updated the workflow to actually deactivate their Salesforce account as well,” he says. While most of these steps are relatively simple tasks, each must be performed immediately when an employee is offboarded, making the workflow orchestration a critical value-add. “I think offboarding, as opposed to onboarding, is where I have the most exposure. If I mess up, forget a step and an ex-employee still has access to company data, that’s where I could hurt my reputation the most.” Next, because First Round Capital uses SAML for most applications other than G Suite, he “kills the ex-employee’s Okta account,” which “pretty much cuts off access to everything else.” Donnon views BetterCloud and Okta as entirely different, but complementary solutions. “Even if you use some deprovisioning stuff in Okta, it still can’t do everything that you need to do that I feel like BetterCloud really makes easier.” Most of the typically manual work associated with offboarding is automated through these processes. Donnon says that after seeing this orchestration in action, it’s hard not to say: “Wow. IT’s really got it together.” Ryan’s offboarding workflow in BetterCloud
  • 14. info@bettercloud.com | (888) 999-0805 14 Handling the Dynamic Variables Offboarding isn’t all about cutting off access. Of course, companies want to take care of physical access and assets, too. Turning off keycard access and collecting company devices are necessary steps that Donnon takes. But on top of that, exiting employees often possess information others may need. Donnon uses a checklist to help establish a timeline and manage the variables. “Everyone is going to be different,” he says. Offboarding a partner, for example, is going to be a much more complex scenario than an employee who was in and out in less than six months. How to handle email is one aspect of offboarding that varies more than any other. Leading up to the employee’s last day, communication, establishing personal relationships, and doing the upfront “legwork” are all key, says Donnon. “You don’t want to be reaching out to people [to get information you need to fully offboard them] for the first few months after somebody exits.” Ryan’s offboarding checklist
  • 15. info@bettercloud.com | (888) 999-0805 15 The Final Steps For the first two weeks after an employee leaves, the account is limbo, says Donnon. (G Suite cannot serve up an auto-reply if an employee is suspended or deleted.) “I use the BetterCloud interface to set the auto-reply.” At the end of the two weeks, Donnon goes into BetterCloud again. He takes care of what many forget: recurring calendar events, which often may be consuming shared resources like conference rooms. “If an ex-employee is the owner of any recurring events, I need to work with either their manager or the person that replaced them to figure out who I should transfer those events to.” If not, this can be an especially excruciating task to perform after the fact. “Google does not have a great way to transfer recurring events from a deleted user,” says Donnon. Next, Donnon backs up the account, transfers all of their shared Google Docs (typically to their manager), and then, unlike many G Suite admins, will actually delete their email account. (Many companies choose to suspend accounts for various reasons, but deleting a user will reduce costs, since Google does charge for suspended users.) With a standard two weeks’ notice, the entire offboarding process happens over the course of a month. Donnon takes care of his part in a matter of minutes.
  • 16. A B O U T B E T T E R C L O U D BetterCloud is the first Multi-SaaS Management Platform, enabling IT to centralize, orchestrate, and operationalize day-to-day administration and control across SaaS applications. Every day, thousands of customers rely on BetterCloud to centralize data and controls, surface operational intelligence, orchestrate complex actions, and delegate custom administrator privileges across SaaS applications. BetterCloud is headquartered in New York City with engineering offices in Atlanta, GA. For more information, please visit www.bettercloud.com. Demo BetterCloud today. info@bettercloud.com | (888) 999-0805