Technical offboarding of your employees

Technical offboarding is an essential part of the offboarding process. The company's IT department is usually responsible for this task. Here you can find out what you need to consider during IT offboarding and why you should pay particular attention to this step.

What is technical offboarding?

Technical offboarding is a structured process for organizing the departure of employees with regard to all IT aspects. On the one hand, technical offboarding includes the return of all hardware that was issued during onboarding and in the course of the employee's work for the company. The return ensures that company property remains in the company. It also reduces the risk of sensitive data being accessed after leaving the company.

The second area of technical offboarding is access control. On average, employees use around 30 different tools and applications for their daily work. Access rights must be removed or adapted for all of these. This includes access rights to internal company areas such as the intranet as well as authorizations for specialist tools and applications. The topic of access control is often underestimated. However, it is extremely important as it ensures both IT security and adherence to compliance requirements.

Technical offboarding - checklist for the IT department

Technical offboarding should be structured and standardized and run through completely from start to finish every time an employee leaves. For this reason, the use of a checklist is recommended for both employees and the IT department. This ensures that nothing important is forgotten and all tasks are completed.

Download: IT checklist for technical offboarding

To make it easier for you to get started, we have created a sample checklist for onboarding. The checklist contains the most important tasks for the individual phases of onboarding. You can use our checklist directly or use it as a template and add points that are relevant to you.

Below you will find the most important points that belong on your IT checklist.

1. back up private and business data

Ensure that employees' private data is deleted or moved from the device, all storage locations and the email inbox. At the same time, all business data must be moved from private folders to publicly accessible directories in order to make them available to colleagues.

Important: Make it clear that no business data may be deleted until the company has given its consent.

2. access control

Remove authorizations
Remove all of the employee's authorizations. This includes, in particular, the email account as well as access to tools and applications. The first point of contact is the SSO provider or IdP (identity provider). In many cases, this is the single source of truth and the majority of access is via a Google or Microsoft account. Users can be easily activated or deactivated via G-Suite or Azure Active Directory.

Make sure beforehand that colleagues have access to the respective environments and that all data is still available.

Tip: When creating email addresses, make sure that they are as unique as possible (not: [email protected]). This will prevent them from being reused at a later date and new employees from wrongly gaining access to unintended areas.

Delete tool accounts
You should also delete the user's accounts in the respective tool. Even if the access was made via SSO, the tool providers do not know that the address no longer exists and consequently data is still stored by third-party providers.
Payment for the tool may be made by user. Unnecessary costs can be avoided by removing all unused accounts.

The departing employee may be the administrator for one of the tools. In this case, first transfer the admin authorization to another user or a general account before deleting the account.

Adjust shared access
Even if it is not good practice, it sometimes happens that several employees share an access. In such cases, adjust the sharing and remove the user in question.

Prevent remote access
Especially in times of remote work, employees often have access to company data via VPN connections or remote access. Make sure that all such access is revoked to protect your data from unauthorized access.

3. set up forwarding or an out-of-office note

As part of the offboarding concept, it should be defined for how long email addresses should remain accessible to external parties after the employee has left. A period of between 1-3 months is normally recommended.

During this time, forward all emails to this address to a colleague or supervisor so that no inquiries or customer communication are lost. Good practice during this time is to set up an automatic reply to inform the sender that the email is being processed by other employees.

When the previously defined period ends, the e-mail address is permanently deactivated.

4. return of the hardware

With the shift towards hybrid working, employees are usually equipped with various mobile devices such as laptops or smartphones. In addition, they usually have other hardware such as computer accessories, office keys and the like. If someone leaves the company, these must of course be returned in full.

The basis for an uncomplicated return process is a handover protocol. This is created during the onboarding process. All devices and work equipment handed over are noted in the handover log. Together with an up-to-date inventory overview, it is easy to see which technology needs to be returned during offboarding.

5. clean up devices

Regardless of whether the technology is later reused or disposed of, you should clean all devices after returning them and reset them to their factory settings. This ensures that no personal or sensitive data is left on the device and guarantees compliance with data protection regulations.

6. terminate contracts

Last but not least, laptop, tablet or smartphone use often includes mobile phone contracts. Make sure that these are terminated when you leave. Alternatively, the contract can be transferred to other employees for further use, thus saving costs.

With lendisOS, you can easily equip employees for remote work. If an employee leaves your company, Lendis takes care of collecting all devices and cleaning them in accordance with data protection regulations.

As you can see, IT offboarding involves numerous tasks. Use our checklist to think through the process in your company in detail in advance and clarify which additional tasks need to be completed. This will ensure that employees are fully offboarded.