Employee Offboarding is a Cybersecurity Event: Don’t Let the Door Hit You – or Your Data

By Matthew Kaufman July 9, 2024
employee offboarding person carrying box

A recent story reminds us about an important topic for businesses: employee offboarding. At KaufmanIT, we understand how this seemingly routine task, if done poorly, can have harmful implications for an organization’s security and data integrity.

When an employee leaves a company, whether voluntarily or involuntarily, it’s not just about collecting the person’s badge and wishing him or her well. In our digital age, it’s about ensuring that their access to company systems, data, and resources is promptly and thoroughly revoked. This process is more critical than you might think.

The Risks of Inadequate Offboarding

Consider for a moment the potential consequences of a former employee retaining access to your company’s systems. They could, intentionally or not, access sensitive information, manipulate data, or even cause disruptions to your operations. It’s a scenario that keeps experienced IT professionals up at night, and for good reason.

A Real-World Example: The Geisinger Incident

To illustrate the importance of proper offboarding, let’s look at a recent incident that serves as a stark reminder of what can go wrong when offboarding procedures fall short.

Geisinger, a leading provider of value-based care that serves over 1 million people in Pennsylvania, recently had to notify patients about a data security incident stemming from an offboarding oversight.

Their third-party service provider, Nuance, failed to promptly disable a former employee’s access. As a result, this ex-employee was able to access Geisinger patient information without authorization, compromising the personal and health data of all Geisinger’s patients.

My immediate reaction when reading about this incident? Ugh! Totally avoidable.

The KaufmanIT Approach: Prioritizing Offboarding

At KaufmanIT, an employee offboarding is a high-priority tasks that demands immediate attention, a service ticket our team reacts to urgently. Our approach is proactive and comprehensive, designed to mitigate risks swiftly and effectively.

Our offboarding process includes:

  • Immediate disabling of all account access
  • Revoking VPN and remote access privileges
  • Updating shared passwords and access codes
  • Securely backing up and transferring important data
  • Collecting and/or auditing the collection of company devices and hardware


Our message to clients about employee offboarding has always been this: don’t wait a day, don’t even wait an hour – let us know immediately when an employee has left or been terminated. Better yet, schedule the offboarding with us ahead of time, when possible, so we can disable access while an employee is being notified.

Such advice may sound simple but you would be surprised how often companies leave this door open.

Business owners need to appreciate that employee offboarding is more than just an HR formality—it’s a critical component of your overall cybersecurity strategy.

The Geisinger incident serves as a potent reminder of the potential consequences of overlooking this crucial process.

Remember: in the world of IT security, an ounce of prevention is worth a pound of cure. Prioritize your offboarding processes and you’ll be taking a significant step towards safeguarding your organization’s digital assets.

Latest Blog Posts

Get the IT Expertise You Deserve

You’re here now – why wait?

Find out why our award-winning team is also one of the fastest-growing technology providers in California.

Request a call today!

KaufmanIT-BIMI 5