What a Disgruntled Ex-Employee Who Cost a Company $678,000 Can Teach All Business Owners
In early June, Kandula Nagaraju, a 39-year-old former National Computer Systems employee from India, received a two-year, eight-month prison sentence for unauthorized access and deletion of 180 test servers at his previous workplace.Despite being terminated in October 2022 due to performance issues, Nagaraju retained access to company systems. He used this access to develop and execute scripts that deleted the servers. This action cost NCS approximately $678,000 to rectify. Fortunately, his nefarious deeds did not compromise sensitive data as the servers were isolated and used for app testing. But, the company still suffered an enormous financial loss. Plus, things could have been a lot worse.
This single case serves as a critical reminder: ex-employees can still be a liability, and if they maintain their insider access, they can exploit said access to inflict extensive damage. Not only monetarily, but on a much wider and more consequential scale. So harmful, that it could bring a company down and ruin its reputation to the point of no return.
Why Businesses Should Always Delete the Credentials of Former Team Members
Sadly, Nagaraju is just one example of many. Several companies have suffered immensely – but unnecessarily – simply because those organizations did not take the proper steps to protect themselves. Instead, they were complacent or too late to act and the results were disastrous. Because of these instances, businesses should always remove ex-employee credentials to keep their corporate data and work product secure for several reasons:- Data security. Ex-employees may still have access to sensitive company information, such as customer data, trade secrets, or financial information. Removing their access ensures that this data remains secure and is not accessed or misused by unauthorized individuals.
- Prevent unauthorized access. Even if an ex-employee has left the company – even on good terms – there is always a risk that they could use their access to the company’s systems to make changes or access data without approval. Removing their credentials prevents this from happening.
- Compliance. Many industries have regulations that require companies to protect sensitive data. By removing ex-employee credentials, companies can ensure they are meeting these compliance requirements.
- Insider threats. Ex-employees may be disgruntled or may have left the company under less-than-ideal circumstances. They could potentially use their access to company systems to sabotage the company or steal data. Removing their credentials helps to mitigate this risk.
- Avoid confusion. If an ex-employee’s credentials are not removed, it can lead to confusion about who has access to what. This can make it more difficult to manage access to systems and data.
So, businesses of all sizes should have a process in place to address such security issues. When an employee leaves the company voluntarily or a team member is terminated, that person’s credentialed access should immediately be removed. Additionally, steps must be taken to fill that new void to ensure workflow continues virtually uninterrupted in order to meet benchmarks and deadlines. Moreover, to keep proprietary data safe.
Want to Accomplish More?
Do you want your company to grow faster and earn more while you spend more time with your family doing all the things you started your business to do?We can make that dream a reality. Give us 30 minutes and we will show you how to get your life back. Skeptical? Good! Put us to the test.
You can call us for your free appointment at (602) 541-1760, or, if you prefer, Waters Business Consulting Group to learn more about us and the services we offer.
