Technical offboarding of your employees
Technical offboarding is an essential part of the offboarding process. The company's IT department is usually responsible for this task. Here you can find out what you need to consider during IT offboarding and why you should pay particular attention to this step.
What is technical offboarding?
Technical offboarding is a structured process for organizing the departure of employees with regard to all IT aspects. On the one hand, technical offboarding includes the return of all hardware that was issued during onboarding and in the course of the employee's work for the company. The return ensures that company property remains in the company. It also reduces the risk of sensitive data being accessed after leaving the company.
The second area of technical offboarding is access control. On average, employees use around 30 different tools and applications for their daily work. Access rights must be removed or adapted for all of these. This includes access rights to internal company areas such as the intranet as well as authorizations for specialist tools and applications. The topic of access control is often underestimated. However, it is extremely important as it ensures both IT security and adherence to compliance requirements.
Technical offboarding - checklist for the IT department
Download: IT checklist for technical offboarding
To make it easier for you to get started, we have created a sample checklist for onboarding. The checklist contains the most important tasks for the individual phases of onboarding. You can use our checklist directly or use it as a template and add points that are relevant to you.
Below you will find the most important points that belong on your IT checklist.
1. back up private and business data
Important: Make it clear that no business data may be deleted until the company has given its consent.
2. access control
Remove authorizations
Remove all of the employee's authorizations. This includes, in particular, the email account as well as access to tools and applications. The first point of contact is the SSO provider or IdP (identity provider). In many cases, this is the single source of truth and the majority of access is via a Google or Microsoft account. Users can be easily activated or deactivated via G-Suite or Azure Active Directory.
Tip: When creating email addresses, make sure that they are as unique as possible (not: [email protected]). This will prevent them from being reused at a later date and new employees from wrongly gaining access to unintended areas.
Delete tool accounts
You should also delete the user's accounts in the respective tool. Even if the access was made via SSO, the tool providers do not know that the address no longer exists and consequently data is still stored by third-party providers.
Payment for the tool may be made by user. Unnecessary costs can be avoided by removing all unused accounts.
Adjust shared access
Even if it is not good practice, it sometimes happens that several employees share an access. In such cases, adjust the sharing and remove the user in question.
Prevent remote access
Especially in times of remote work, employees often have access to company data via VPN connections or remote access. Make sure that all such access is revoked to protect your data from unauthorized access.
3. set up forwarding or an out-of-office note
As part of the offboarding concept, it should be defined for how long email addresses should remain accessible to external parties after the employee has left. A period of between 1-3 months is normally recommended.
4. return of the hardware
With the shift towards hybrid working, employees are usually equipped with various mobile devices such as laptops or smartphones. In addition, they usually have other hardware such as computer accessories, office keys and the like. If someone leaves the company, these must of course be returned in full.
The basis for an uncomplicated return process is a handover protocol. This is created during the onboarding process. All devices and work equipment handed over are noted in the handover log. Together with an up-to-date inventory overview, it is easy to see which technology needs to be returned during offboarding.
5. clean up devices
6. terminate contracts
Last but not least, laptop, tablet or smartphone use often includes mobile phone contracts. Make sure that these are terminated when you leave. Alternatively, the contract can be transferred to other employees for further use, thus saving costs.
With lendisOS, you can easily equip employees for remote work. If an employee leaves your company, Lendis takes care of collecting all devices and cleaning them in accordance with data protection regulations.
As you can see, IT offboarding involves numerous tasks. Use our checklist to think through the process in your company in detail in advance and clarify which additional tasks need to be completed. This will ensure that employees are fully offboarded.