Technical offboarding of your employees
Technical offboarding is an essential part of the offboarding process. The IT department of the company is usually responsible for this task. Here you can find out what to consider during IT offboarding and why you should pay special attention to this step.
What is technical offboarding?
Technical offboarding is a structured process to organise the departure of employees with regard to all IT aspects. Technical offboarding includes, on the one hand, the return of all hardware issued to the company during onboarding and in the course of employment. The return ensures that the company property remains in the company. It also reduces the risk that sensitive data can be accessed after leaving.
The second area of technical offboarding is access control. On average, employees use about 30 different tools and applications for their daily work. Access rights must be removed or adapted for all of these. This includes access rights to internal company areas such as the intranet as well as permissions for specialised tools and applications. The topic of access control is often underestimated. However, it is of great importance as it ensures both IT security and compliance.
Technical offboarding - checklist for the IT department
Download: IT checklist for technical offboarding
To help you get started, we have created a sample checklist for onboarding. The checklist contains the most important tasks for the individual phases of onboarding. You can use our checklist directly or use it as a template and add items that are relevant to you.
Below you will find the most important points that belong on your IT checklist.
1. back up private and business data
Important: Make it clear that no business data may be deleted until the company has given its consent.
2. access control
Remove all permissions of the employee. This includes in particular the email account as well as access to tools and applications. The first point of contact is the SSO provider or IdP (identity provider). In many cases, this is the single source of truth and most access is via a Google or Microsoft account. Users can be easily activated or deactivated via G-Suite or Azure Active Directory.
Tip: When creating email addresses, make sure that they are as unique as possible (not: [email protected]). This way you can avoid them being used again later and new employees mistakenly having access to areas that are not intended.
Delete tool accounts
In addition, you should delete the user's accounts in the respective tool. Even if access was gained via SSO, the tool providers do not know that the address no longer exists and consequently data continues to be held by third-party providers.
Under certain circumstances, payment for the tool is made by user. By removing all unused accounts, unnecessary costs can be avoided.
Adjust shared access
Even if it is not good practice, it happens that several employees share an access. In such cases, adjust the sharing and remove the user in question.
Prevent remote access
Especially in times of remote work, employees often have access to company data via VPN connections or remote access. Make sure that all such accesses are revoked to protect your data from unauthorised access.
3. set up forwarding or an out-of-office note
As part of the offboarding concept, it should be defined for how long email addresses should remain accessible to outsiders after the employee leaves. Normally, a period of 1-3 months is recommended.
4. return of the hardware
With the shift towards hybrid work, employees are usually equipped with different mobile devices such as laptops or smartphones. In addition, they usually own other hardware such as computer accessories, office keys and the like. If someone leaves the company, these must of course be returned in full.
The basis for an uncomplicated return process is a handover protocol. This is already created during onboarding. In the handover protocol, all equipment and work materials handed over are noted. Together with an up-to-date inventory overview, it is easy to see during offboarding which technology needs to be returned.
5. clean up devices
6. terminate contracts
Last but not least, laptop, tablet or smartphone use often includes mobile phone contracts. Make sure that these are cancelled when you leave. Alternatively, the contract can be transferred to other employees for further use, thus saving costs.
With the Lendis OS, you can easily equip employees for remote work. If an employee leaves your company, Lendis takes care of the collection of all devices and the data protection-compliant cleaning of all devices.
As you can see, IT offboarding involves many tasks. Use our checklist to think through the process in your company in detail beforehand and clarify which additional tasks need to be done. This way you can ensure that employees are completely offboarded.