IT Insight: Removing your network’s unused credentials
When an employee leaves a company, we often focus on shifting projects and responsibilities to other team members or new staff. It’s also critical to remember to remove their credentials from your network! In fact, around 50% of small businesses have unused accounts on their network, and these pose a security risk.
Former employees themselves usually aren’t your biggest threat. It’s really the external attackers that are targeting their unmonitored accounts. These forgotten, neglected accounts are attractive to cybercriminals and pose the following threats:
- Business operations – hackers can steal data and intellectual property, disrupting and even immobilizing operations
- Financial impact – unused accounts accumulate unnecessary service and licensing charges
- Legal risks – industries with strict security protocols (e.g., HIPAA) risk substantial fines for breaches via unused credentials
Preventative Measures
- Regularly audit and deactivate unused accounts
- Implement multifactor authentication (MFA) for all accounts
- Create an offboarding checklist to deactivate access before an employee’s last day
- Educate employees on the importance of maintaining system security
Have an action plan for 2025!
Reach out today to get a security audit and see how using a trusted managed service provider can improve your network’s resiliency. And here’s to a healthy, happy, SECURE new year from PCGiT!
This post is a summary of a recent Seacoast Online IT Insight feature. Read the full article here.
JoAnn Hodgdon is vice president and co-founder of PCGiT with her husband, Dave.
PCG provides comprehensive managed IT services, business continuity, security, cloud computing and virtual CIO services to their clients.
Reach out to her at joann@pcgit.com with comments or story ideas.