Your chances of falling foul of a disgruntled ex-employee depend largely on the strength of your JML process – which needs to rely on more than just HR.
Take a leisurely stroll across the office (or scroll to a new Teams window) to speak to HR, and chances are you’ll be greeted with exasperation and exhaustion. Between volatile markets, the so-called Great Resignation, and job-hopping at a ten-year high, HR have their work cut out for them.
Bearing a lot of the pressure behind the scenes is the joiner/mover/leaver (JML) process, governing the lifecycle of employees and their access – all the way from onboarding to departure. While attention is drawn to remote working and recruitment drives, however, the JML process can go neglected – and that’s when it becomes ripe for security risks.
Shut the Door on the Way Out
When it comes to security, much focus is drawn towards active threats – such as poor password controls, hackers, and viruses – and this is where organisations invest in training, defences, and testing. To ignore passive, internal risks present within important organisational processes, however, is to court disaster.
Many organisations have unwittingly found themselves in the line of fire from rogue former employees, with situations including data leaks and the sharing of insider security information with third parties. A common thread in these cases tends to be the accessing and downloading or destruction of data at a point when access should no longer be possible, because the employee has left, is leaving, or has moved roles within the company.
When the JML process isn’t watertight, lingering access and accumulated permissions can be all rogue employees need to cause significant financial and operational damage. Data can end up in the hands of competitors, be sold on the Dark Web, or simply be held to ransom.
It’s not just about the bad actors, either. When surveyed, 1 in 3 ex-employees revealed they still had access to company data after leaving. Even without ulterior motives, employees still being able to access confidential personal data can have significant GDPR ramifications. Considering that 24% of UK businesses have suffered data breaches caused by former employees, the risk is very clear.
Finally – and perhaps most dangerously – unused identities with permissions are attractive prospects to hackers looking to gain access to an organisation. Once in control, they can puppet the identity to access large swathes of data, filling their pockets as they go.
Knowing this, it’s easy to see why HR might be sweating under the strain of the JML process at a busy time. That’s why it pays to cultivate collaboration and communication between HR and IT/security teams, closing potential gaps as quickly as they appear and automating the process.
Bridging the Departmental Gap
We love talking about how insights can help to bridge the departmental gap. This is especially true when we can see the perfect space to build a footbridge between two departments like HR and IT. The handling of the JML process is that footbridge.
Collaboration and communication, then, are crucial to JML success: with HR tracking and updating the movements of individuals through the organisation, IT can apply controls, switch permissions on or off, and build increased levels of automation to head off any risks before they become a real threat.
This, however, is a best-case scenario – one where the organisation is making a clean start. As wonderful as such a world would be, it's rarely the case in real life. Instead, organisations first need to get to grips with the current situation, delving deep into the state of their identities to fashion a foundation upon which they can build: Which are unused? Are any at risk? Have they all been allocated the correct permissions?
While manual processes and huge amounts of data can make surfacing these insights a challenge, it’s not impossible – especially when using a smart cloud optimisation tool such as Surveil to generate deep analytics.
Supported by insights and with collaboration in full swing, the HR/IT combination can be a match made in JML heaven; risks are minimised, employees only have the permissions they need, and at-risk accounts are identified early on – contributing to a successful identity and access management strategy. And as a bonus, the cost of licences attached to those unused identities can be recovered and reinvested. It’s a win-win all round.
Are you a Microsoft Partner looking to support your customer’s journey to JML paradise? A Surveil-powered Microsoft 365 Health Check might be exactly what you need to get started.