It’s never easy to terminate an employee. The skill of firing with flair is a sensitive but necessary process that everyone should learn!
It happens to the best of us. We post an advertisement for an available position on job boards across the Internet. We scour through the thousands (and thousands) of submitted resumes. We painstakingly choose the best candidates (on paper) to bring in for an interview, and we try to pose the questions that should result in the most thought-provoking and inspired responses, giving us the deepest insight into their soul – in about 30 minutes or less. We thank each interviewee dutifully for their time, wonder if we’ll get the perfunctory thank-you note or if their manners will go remiss, and try to decide who makes the cut and gets the job offer. Fast forward to the day we discover the candidate doesn’t stack up to the promises made during the hiring and onboarding process – and it’s time for the HR team to tactfully terminate.
We’ve all been there. The goal is always to build a team that is dedicated, loyal, and earnest – but too many times we encounter flaws with one of these characteristics, and the relationship is no longer, as the saying goes, mutually beneficial. Is your termination process thorough? What steps do you need to take to protect yourself and your business from retaliation in preparation before a potentially hostile departure? Read on to cover all your bases, but leave the exit details to the HR team.
First Things First
Once you have a full grasp of the outstanding projects and deadlines that still need to be met, you can move on to the most pressing matters.
Access: All login credentials
For global enterprises, there are large IT teams that oversee just logins and passwords alone – but since you’re reading this, you don’t work for IBM or Apple with a department of staff dedicated solely to current credential maintenance.
Most organizations require a username and password to access anything related to the organization itself: email, file storage, etc. and this is the first of many credentials that should be addressed to ensure swift and secure measures to protect the company after a termination.
First, change the password. The terminated party likely has their work email on their smartphone and thus can access their email immediately upon departure from the office. This offers the chance for damage or sabotage, such as deleting emails from their inbox or sending damaging emails to contacts.
Maintain the email account by having another party monitor incoming messages. Consider setting up an auto-reply feature to notify senders to the recipient that further communications should be directed to another email address for attention in the future.
One task that tends to be overlooked in the immediacy of a departure is the removal of the terminated party from internal distribution lists and notifications.
Lastly, if the individual has suspected termination was imminent, they may have deleted emails before the action taking place. There is a brief window when email recovery is still possible, but the standard time frame is 30 days.
VPN or remote access
If your company allows remote network access, likely through a Virtual Private Network (VPN) or a service like LogMeIn, a team member likely only needs to have this access set up one time and store their login and password at the remote point of access. The simplest way to prevent future access with this is by changing the affected password. If a platform like LogMeIn is the primary connection method, the administrator will need to be the one to change the user’s access settings.
Typically, an organization uses an Intranet portal to store internal communications or Human Resources information like health insurance details, company directories, staff handbooks, forms and processes, office calendars and holiday schedules, and any other pertinent documentation related to operations. Access removal or password change to a network will often serve to prevent further access to this area, but a quick verification of settings here is still wise.
To prevent anyone from accessing files after termination, and for similar reasons as above – sabotage or deletion – change any access passwords for this portal. It’s very likely that proprietary information on projects, clients, or other sensitive information is stored here.
If termination is pending for an individual, it’s wise to preemptively make a back-up of these files and store them elsewhere for later access.
If your company uses cloud providers like Dropbox for Business, Microsoft OneNote or SharePoint, your administrator will need to lock the account for security, likely by resetting the password.
If after the termination and departure is complete you notice files are missing and suspect deletion, time is critical for data recovery.
What else can you do?
Aside from the items listed above, any organization should take every precaution possible to protect themselves in any situation. At some point, a termination is inevitable, and proper handling of the process can be what defines the outcome.
Enact security protocols that limit or prevent the use of external devices like hard drives or thumb drives.
Prevent team members from removing any proprietary data from the premises. This is almost impossible in the case of a distributed workforce, but you can require all files to be stored in a central repository to minimize risk.
It’s worth taking the time to review the terminated party’s outgoing email in “Sent Items” to verify if any messages were forwarded to a personal email address.
It’s always challenging to decide if a note to other team members is a good idea, alerting staff to the departure of an individual. Privacy policies typically protect the terminated party, and a perfunctory statement of “Sally Smith is no longer with the company as of April 1, 2018. We wish her well in future endeavors. Any questions, concerns, or communications may be directed to her supervisor, Billy Boss, moving forward” or something very similar, so long as it’s kept generic.
Handling a termination is never easy. The most important aspect of any termination is to protect the company – it sounds harsh, but it’s a fact. Preventing someone who is being fired from stealing information and using it to damage a company or sabotage a brand or person is a challenging task.
With the proper processes in place, anyone can minimize the risk to the company, ensuring survival after saying sayonara!
I have a strong passion for helping Ottawa Businesses, Entrepreneurs and professionals to become more productive and successful while allowing them to feel at ease and secure when it comes to their Information Technology needs. As the President of Fuelled Networks since 1998, I specialize in providing no-nonsense flawless and prompt technical support to Ottawa businesses, with in-depth consulting on Fortinet, Microsoft, Microsoft Cloud Stack and security. I strive to help businesses to succeed and take great pride in building long-lasting positive relationships and taking on a strong leadership role within the Ottawa community.