In light of all of recent news about employee cutbacks, it is important to keep in mind what steps a business should take before letting employees go. Additionally, if you are an employee these are things you should expect, and can rest assured these steps are not personal. The items discussed in this post are important for any business to help protect their intellectual property. Additionally, they are critical for business continuity.
This post discusses three steps any business should take to prepare for laying off an employee.
3 Important Steps to Take Before Laying off Employees
While this is certainly not an exhaustive list, these three things are really impactful on business continuity when laying off employees.
- Adding additional user(s) to important accounts
- Changing passwords
- Retrieving hardware
Adding additional user(s) to important accounts
There is a very strategic reason this step is listed before the changing passwords step. The reason this step must come first is because nearly every business has an important account attached to a single user that will be very hard to regain access to once that user's account no longer exists or is no longer associated with that application.
Often times when setting up an account for applications, users create the account which is linked to their email/network account. This can happen for several reasons, including:
- Your business is trying to find a new application to fit a specific business need.
- The application does not differentiate between business and personal accounts.
- The account was set up quickly and nobody had time to consider who was creating the account or what managing that would look like long term.
There are a myriad of reasons why accounts for online services and applications may be linked to a specific user on your team. However, when this happens, these accounts can be at risk if you shut them down before adding an additional user to the account.
Once access to the account is gone, if the user was the only one who could log into the application and an additional user is not added before ending that access, you risk losing data, templates, and any access. This is why it is so important to set up access with a secondary account wherever possible. Ideally, this would be done from the beginning, but since that is not always possible, at least make it a priority before letting go of the one staff person who was able to use the application.
Knowing who has access to what accounts is important for more than just retaining access to the accounts as in the first example. Another important aspect of managing who has access to what is removing access from those who no longer need it. This is a really important step that should be taken immediately upon letting someone go. Keep in mind this is for many reasons including misinformation, data integrity, number of licenses, and more.
Rather than simply deactivating an account, which may be attached to other things, changing the password might be a better choice. Changing the password for an account provides more opportunity to gain access to accounts that would otherwise be lost. This also allows you to move or copy files and data that you might have to recreate if you could not access the application.
Changing the password to accounts related to someone who is no longer employed by you is really important because it protects both you and the employee from any miscommunications. As a business owner, you should be able to confidently account for who has access to your company data at all times. This is important to all of your clients and your business reputation. As an employee, there is protection in no longer having access to a resource because if anything happens after you have left, there is no way you could be the cause.
Be sure you consider all the different data points your staff have, and what you need to change before they are gone. Websites and social media accounts are items businesses often forget staff have admin access to, but it can be very detrimental to overlook these types of accounts.
Retrieving hardware probably sounds obvious, but there may be things you have not considered. Beyond the typical laptop, consider the following items that are often forgotten:
- Key fobs
- Keys to buildings, rooms, storage rooms, vehicles, etc.
- Phones - VoIP or cellular
- Hotspots and wireless access points
- Wireless headsets
- External drives including flash drives
Some of the items on this list are not very expensive, but that really isn't the point. Many of them can contain data that belongs to your business, so it is important to collect them.
Additionally, one thing people often forget when laptops are returned is to ask for the user's password or have them change it to a generic password. This is especially important if the laptop was shipped directly to them, or you might not know the local administrator user credentials. While it is possible to work around this, it can be difficult if you are not particularly tech savvy.
Staff changes are never fun, especially when you have to let someone go. Before following through on layoffs, there are additional things to consider beyond what may seem obvious. First, consider what accounts the employee has access to, and does anyone else have access or would you lose information if you shut their account down? Second, change the password to any accounts the employee had access to. Lastly, remember to collect any hardware they received while working for you.
As always, knowing what all you need to look out for can better protect your data and intellectual property.