Although this may seem to paint a bleak picture about a companys ability to retain and motivate staff it is, in fact, a necessity for a growing number of organisations. With the range of facilities and systems that employees require access to becoming increasingly varied, enterprises are struggling to find ways in which to control new, existing and departing members of staff.
Marc Hudavert offers best practice advice for minimising the risk to which the corporate infrastructure is exposed when staff leave the building for the last time.
Commissioning: To securely commission a new employee in the enterprise, the access rights and privileges of that individual must be determined and controlled through a centralised system. The use of smart card technology can facilitate this process from day one, by requiring the employee to use these devices to access buildings and systems.
Throughout the individuals term of employment, the privileges linked to their profile can be centrally managed through the same system which commissions and decommissions cards, ensuring that the appropriate levels of security are maintained at all times.
Furthermore, when the employee leaves, the company retains management of the card to prevent unrestricted access to either buildings or IT systems, regardless of whether or not they returned the card.
Passwords: Many businesses use password protection facilities to control access to web-based applications. While this reduces the chances of unauthorised individuals accessing company data from outside the building, the constant need to update, change and respond to forgotten password queries from staff can be a huge administrative burden for the IT department to bear.
However, its not a responsibility that users should be allowed to overlook. Some applications use a single password for multiple users, so ensuring that the process of decommissioning an employee is carried out in a timely fashion is paramount to avoiding the disruption of other staff. Password management can also be consolidated through a single sign-on solution, which enables users to access systems and applications through a combination of authentication hardware and a one-time password.
Passwords can be centrally managed and the IT department given the option to automate the changing of passwords without requiring user intervention. The password changes happen without the user being aware, and remain secure because the use of their own password and a physical card or token are still required to complete the authentication.
Hardware: Aside from the software applications that staff use, its also imperative that hardware is included in the employee commissioning process. Firstly, an itinerary of all devices supplied to a member of staff must be maintained to ensure that hardware is returned at the point of departure. Not only is it costly if items go missing, it could also constitute a major security threat if the access that they offer is unsecured.
Sign up for Computerworld eNewsletters.