In a SaaS-first world [1] [2], IT offboarding can be challenging [1]. This is due to the ease with which employees can adopt new cloud and SaaS applications [1]. However, there are common pitfalls that can interfere with the offboarding process. This includes suspending or deleting email accounts too soon and overlooking unsanctioned SaaS assets. It is important to address these challenges to ensure a smooth offboarding process.
Description
One common pitfall in IT offboarding is suspending or deleting the email account before completing other critical steps [2]. This can interfere with transferring files and data [2]. To avoid this [2], it is important to revoke access to the email account by resetting passwords and turning off recovery methods instead [2].
Another pitfall is considering only what’s in the identity provider (IdP) or single sign-on system (SSO) [2]. This can lead to overlooking unsanctioned or “shadow” SaaS assets [2]. To address this, the scope of offboarding should encompass all managed and unmanaged cloud and SaaS access [1] [2].
Additionally, transferring ownership of critical resources like social media accounts and registered domains is often overlooked [2]. This can lead to business disruption or inaccessible accounts [2]. Engaging with application business owners and stakeholders is crucial to ensure a smooth offboarding process [2].
Finally [2], app-to-app OAuth integrations should be reviewed and grants revoked to avoid business disruption and increased risk [2].
Conclusion
In conclusion, IT offboarding in a SaaS-first world requires careful consideration and attention to detail. By avoiding common pitfalls and addressing all aspects of offboarding, businesses can ensure a smooth transition for departing employees. Engaging with stakeholders and utilizing automation solutions, such as Nudge Security [1], can streamline the offboarding process and mitigate potential risks. Looking ahead, it is important for organizations to stay vigilant and adapt their offboarding procedures as new technologies and applications continue to emerge.
References
[1] https://thehackernews.com/2023/09/avoid-these-5-it-offboarding-pitfalls.html
[2] https://www.ihash.eu/2023/09/avoid-these-5-it-offboarding-pitfalls/
