What a Disgruntled Ex-Employee Who Cost a Company $678,000 Can Teach All Business Owners

What a Disgruntled Ex-Employee Who Cost a Company $678,000 Can Teach All Business Owners

In early June, Kandula Nagaraju, a 39-year-old former National Computer Systems employee from India, received a two-year, eight-month prison sentence for unauthorized access and deletion of 180 test servers at his previous workplace.

Despite being terminated in October 2022 due to performance issues, Nagaraju retained access to company systems. He used this access to develop and execute scripts that deleted the servers. This action cost NCS approximately $678,000 to rectify. Fortunately, his nefarious deeds did not compromise sensitive data as the servers were isolated and used for app testing. But, the company still suffered an enormous financial loss. Plus, things could have been a lot worse.

This single case serves as a critical reminder: ex-employees can still be a liability, and if they maintain their insider access, they can exploit said access to inflict extensive damage. Not only monetarily, but on a much wider and more consequential scale. So harmful, that it could bring a company down and ruin its reputation to the point of no return.

Why Businesses Should Always Delete the Credentials of Former Team Members

Sadly, Nagaraju is just one example of many. Several companies have suffered immensely – but unnecessarily – simply because those organizations did not take the proper steps to protect themselves. Instead, they were complacent or too late to act and the results were disastrous. Because of these instances, businesses should always remove ex-employee credentials to keep their corporate data and work product secure for several reasons:
  • Data security. Ex-employees may still have access to sensitive company information, such as customer data, trade secrets, or financial information. Removing their access ensures that this data remains secure and is not accessed or misused by unauthorized individuals.
  • Prevent unauthorized access. Even if an ex-employee has left the company – even on good terms – there is always a risk that they could use their access to the company’s systems to make changes or access data without approval. Removing their credentials prevents this from happening.
  • Compliance. Many industries have regulations that require companies to protect sensitive data. By removing ex-employee credentials, companies can ensure they are meeting these compliance requirements.
  • Insider threats. Ex-employees may be disgruntled or may have left the company under less-than-ideal circumstances. They could potentially use their access to company systems to sabotage the company or steal data. Removing their credentials helps to mitigate this risk.
  • Avoid confusion. If an ex-employee’s credentials are not removed, it can lead to confusion about who has access to what. This can make it more difficult to manage access to systems and data.
And last but not least, data breach prevention. If an ex-employee’s credentials are compromised, it could lead to a data breach. Removing their credentials helps to prevent this. By deleting their access, companies have less risk of sensitive information getting out into the public domain. Because once that data is out, it’s up for grabs for anyone to capture it.

So, businesses of all sizes should have a process in place to address such security issues. When an employee leaves the company voluntarily or a team member is terminated, that person’s credentialed access should immediately be removed. Additionally, steps must be taken to fill that new void to ensure workflow continues virtually uninterrupted in order to meet benchmarks and deadlines. Moreover, to keep proprietary data safe.

Want to Accomplish More?

Do you want your company to grow faster and earn more while you spend more time with your family doing all the things you started your business to do?

We can make that dream a reality. Give us 30 minutes and we will show you how to get your life back. Skeptical? Good! Put us to the test.

You can call us for your free appointment at (602) 541-1760, or, if you prefer, Waters Business Consulting Group to learn more about us and the services we offer.

Like this article?

Share on Facebook
Share on Twitter
Share on Linkdin
Share on Pinterest

Related Posts

What a Disgruntled Ex-Employee Who Cost a Company $678,000 Can Teach All Business Owners

June 26, 2024 No Comments

What a Disgruntled Ex-Employee Who Cost a Company $678,000 Can Teach All Business Owners In early June, Kandula Nagaraju, a 39-year-old former National Computer Systems employee from India, received a two-year, eight-month prison sentence for unauthorized access and deletion of 180 test servers at his previous workplace. Despite being terminated in October 2022 due to performance issues, Nagaraju retained access to company systems. He used this access to develop and execute scripts that deleted the servers. This action cost NCS approximately $678,000 to rectify. Fortunately, his nefarious deeds did not compromise sensitive data as the servers were isolated and used for app testing. But, the company still suffered an enormous financial loss. Plus, things could have been a lot worse. This single case serves as a critical reminder: ex-employees can still be a liability, and if they maintain their insider access, they can exploit said access to inflict extensive damage. Not only monetarily, but on a much wider and more consequential scale. So harmful, that it could bring a company down and ruin its reputation to the point of no return. Why Businesses Should Always Delete the Credentials of Former Team Members Sadly, Nagaraju is just one example of many. Several companies have suffered immensely – but unnecessarily – simply because those organizations did not take the proper steps to protect themselves. Instead, they were complacent or too late to act and the results were disastrous. Because of these instances, businesses should always remove ex-employee credentials to keep their corporate data and work product secure for several reasons: Data security. Ex-employees may still have access to sensitive company information, such as customer data, trade secrets, or financial information. Removing their access ensures that this data remains secure and is not accessed or misused by unauthorized individuals. Prevent unauthorized access. Even if an ex-employee has left the company – even on good terms – there is always a risk that they could use their access to the company’s systems to make changes or access data without approval. Removing their credentials prevents this from happening. Compliance. Many industries have regulations that require companies to protect sensitive data. By removing ex-employee credentials, companies can ensure they are meeting these compliance requirements. Insider threats. Ex-employees may be disgruntled or may have left the company under less-than-ideal circumstances. They could potentially use their access to company systems to sabotage the company or steal data. Removing their credentials helps to mitigate this risk. Avoid confusion. If an ex-employee’s credentials are not removed, it can lead to confusion about who has access to what. This can make it more difficult to manage access to systems and data. And last but not least, data breach prevention. If an ex-employee’s credentials are compromised, it could lead to a data breach. Removing their credentials helps to prevent this. By deleting their access, companies have less risk of sensitive information getting out into the public domain. Because once that data is out, it’s up for grabs for anyone to capture it. So, businesses of all sizes should have a process in place to address such security issues. When an employee leaves the company voluntarily or a team member is terminated, that person’s credentialed access should immediately be removed. Additionally, steps must be taken to fill that new void to ensure workflow continues virtually uninterrupted in order to meet benchmarks and deadlines. Moreover, to keep proprietary data safe. Want to Accomplish More? Do you want your company to grow faster and earn more while you spend more time with your family doing all the things you started your business to do? We can make that dream a reality. Give us 30 minutes and we will show you how to get your life back. Skeptical? Good! Put us to the test. You can call us for your free appointment at (602) 541-1760, or, if you prefer,

Read More »

How Entrepreneurs Can Establish Good Business Credit

June 1, 2018 No Comments

When you open a small business, you have the opportunity to build credit separate from your personal credit. The better your small business’ credit, the better terms you can get with supply vendors and lending institutions, like banks. This means being able to borrow at a better rate to finance expansion in the future. Why Building Good Business Credit is Important Like personal credit, business credit is monitored and reported by credit bureaus. “The major business credit bureaus that compile and provide copies of the reports are: Dun & Bradstreet, Experian Business, Equifax Business, and Business Credit USA,” according to one credit expert. By having a business credit history separate from your personal one, you can minimize the effect negative events on one might have on the other. For example, if you have some financial missteps that impact your personal credit history and score, they shouldn’t impact your small business credit if you have established a clear separation and vice versa. —Biz Filings.com Building business credit is essential to a company’s reputation and success. Establishing good business credit is done through a combination of practices. Your small business will have to observe these to build a solid commercial credit record. How Entrepreneurs can Establish Good Business Credit When you start a company, you’ll probably need corporate credit for a number of things. Keep in mind, though, these are ultimately your personal responsibility. So, make sure you understand the terms. Here’s how entrepreneurs can establish good business credit: Secure a debt instrument in the business’ name. A “debt instrument” is simply another term for “loan” or “line of credit”. It means you are borrowing money in advance or taking on debt to purchase necessities for your business, like fixtures, equipment and supplies. Apply for a business loan, line of credit, or vendor credit that does not check your personal credit score or history. You are attempting to obtain credit in the business’s name only. Commercial lenders may waive personal credit checks in lieu of providing collateral or a down payment. Another method for securing a debt instrument is to apply for a credit card in the name of your business. Terms and reporting procedures will vary by credit card companies, but in general, the monthly payments will reflect on your business’ credit profile. Build your credit history. Make credit line and business loan payments on time. Schedule automatic payments debited from your business checking account for business loans and lines of credit. Or make payments on recurring credit lines or loans at least three to five business days in advance of the due date. Get in the habit of making payments larger than the minimum due. Check your business’ credit files for errors. Request copies of your business credit report from each of the corporate credit monitoring bureaus, six to 12 months after securing a commercial loan or line of credit. Review each report for accuracy and dispute any errors directly with the agency reporting the erroneous items. If errors are disputed to no avail and are not legitimate, consider having your attorney contact the reporting agency to resolve the situation. Like personal credit reports, business credit reports may be adversely affected by incorrect trade lines being reported. How have you established business credit? What mistakes would you avoid? Please share your thoughts and experiences! Interested in learning more about business? Then just visit Waters Business Consulting Group.

Read More »