Preventions
- Home
- - Preventions
- -PV024
- ID: PV024
- Created: 19th June 2024
- Updated: 19th June 2024
- Contributor: The ITM Team
Employee Off-boarding Process
When an employee leaves the organization, a formal process should be followed to ensure all equipment is returned, and any associated accounts or access is revoked.
Sections
ID | Name | Description |
---|---|---|
ME021 | Unrevoked Access | The subject has left the organization but still has access to services or data that is reserved for employees. |
MT003 | Leaver | A subject leaving the organisation with access to sensitive data with the intent to access and exfiltrate sensitive data or otherwise contravene internal policies. |
ME021.001 | User Account Credentials | User credentials that were available to the subject during employment are not revoked and can still be used. |
ME021.002 | Web Service Credentials | Web credentials that were available to the subject during employment are not revoked and can still be used. |
ME021.003 | Physical Access Credentials | Physical security credentials, such as an ID card or physical keys, that were available to the subject during employment are not revoked and can still be used. |
ME021.004 | API Keys | API keys that were available to the subject during employment are not revoked and can still be used. |
ME021.005 | SSH Keys | SSH keys that were available to the subject during employment are not revoked and can still be used. |
ME021.006 | Multi-Factor Authentication | MFA tokens or hardware devices (such as physical security keys) issued to the subject during employment are not deactivated and can still be utilized. |