When someone leaves a company, HR usually thinks about paperwork, final pay, and maybe an exit interview. But from a security perspective, offboarding is one of the most overlooked — and riskiest — moments in the employee lifecycle.
An ex-employee with lingering access poses silent risks: data leaks, compliance issues, or even unintentional damage months later.
Here’s a 7-step checklist every business should follow when an employee leaves.
1. Disable accounts immediately
Email, Slack, CRM, project tools — inactive accounts are prime targets for attackers.
2. Revoke access to cloud services
Don’t forget SaaS tools (Dropbox, Notion, HubSpot). Shadow accounts often survive longer than official ones.
3. Collect company devices
Laptops, phones, USB drives, access cards. Even one forgotten tablet can hold sensitive data.
4. Change shared passwords
If your team still shares credentials (e.g., social media logins), rotate them right away.
5. Review file sharing and calendars
Check Google Drive, OneDrive, or SharePoint. Remove ex-employees from shared folders and calendar invites.
6. Remove external integrations
API integrations, third-party plugins, or scripts connected to their accounts may continue running unnoticed.
7. Communicate clearly with the team
Let colleagues know access has been removed. This prevents “Oh, I asked Anna for the file, she still had access” situations.
Final thought
Employee exits are normal. But leaving the digital door open is not.
By running this simple 7-step checklist every time, you reduce the silent risk that ex-employees (or attackers using their accounts) still have a foot inside your business.
Because offboarding isn’t just HR — it’s cybersecurity.