Ex-Employees Are Not Quite Shut Off

Out of the 20 percent of respondents who said their organizations have experienced data breaches by former employees, almost half – 47 percent – admit that one in every 10 data breaches were tied directly to ex-employees, OneLogin found.

Even if an ex-employee accesses the system, it's not always with the intention of doing harm, says Kevin Goodman, managing director and partner at BlueBridge Networks, a Cleveland-based solution provider. For example, he said, they could have accidentally gained access through old laptops that they still have.

Goodman suggests that de-provisioning be done manually, with limited access granted as soon as the organization knows that employees will be leaving the company, such as once they give a two- or three-week notice before they leave for new jobs. During that period between notice and departure, they should be granted limited access through the ticketing system, Goodman said. That may be "cumbersome and time consuming," he added, but it's worth it to ensure security.