System Access Revocation
System access revocation is the process of removing a departing employee's access to internal systems, software, and data. This ensures that former team members cannot access confidential information, resources, or systems post-departure.
Goal
The primary goal of this process is to protect the organisation's integrity, confidentiality, and security by ensuring that only current authorised personnel have access to sensitive information and systems.
Context
25% of companies have experienced data breaches due to former employees retaining access to corporate systems. This highlights the critical importance of a robust system access revocation process to mitigate security risks.
Inputs
| Artifact | Description | Benefits |
|---|---|---|
| Offboarding Checklist | A comprehensive list of all systems and accounts from which the departing employee's access needs to be revoked. | Ensures no critical systems are overlooked during the revocation process. |
Outputs
| Artifact | Description | Benefits |
|---|---|---|
| Access Revocation Report | A detailed report confirming the revocation of access rights, listing all systems and accounts affected. | Provides documentation for compliance and security audits. |
Anti-patterns
- Delayed Revocation: Waiting too long after the employee's departure to revoke access, increasing security risks.
- Overlooking Shared Accounts: Ignoring accounts that are not individually assigned but may still be accessible to the departing employee.
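
The following added example (not part of the original page) turns an Offboarding Checklist into an Access Revocation Report and flags both anti-patterns: revocations completed too late and shared credentials the leaver knew that have not been rotated since departure. The field names, the 4-hour window, and the sample records are assumptions made for illustration.

```python
from datetime import datetime, timedelta

MAX_DELAY = timedelta(hours=4)  # assumed policy window; the page sets no figure

def build_revocation_report(leaver, departure, checklist, shared_accounts):
    """Return one row per checklist entry and per shared account the leaver knew."""
    report = []
    for item in checklist:
        revoked = item["revoked_at"]
        if revoked is None:
            status, delay = "OPEN", None  # access still active
        else:
            # Revocation before the departure time counts as zero delay.
            delay = max(revoked - departure, timedelta(0))
            status = "DELAYED" if delay > MAX_DELAY else "OK"
        report.append({"system": item["system"], "account": item["account"],
                       "status": status, "delay": delay})
    for acct in shared_accounts:
        if leaver not in acct["known_by"]:
            continue
        rotated = acct["rotated_at"]
        # A shared credential stays usable until it is rotated after departure.
        stale = rotated is None or rotated < departure
        report.append({"system": acct["system"], "account": acct["account"],
                       "status": "ROTATE_SHARED" if stale else "OK", "delay": None})
    return report

# Constructed sample data for a hypothetical employee "jdoe".
DEPARTURE = datetime(2024, 5, 31, 17, 0)
CHECKLIST = [
    {"system": "SSO", "account": "jdoe", "revoked_at": datetime(2024, 5, 31, 17, 30)},
    {"system": "VPN", "account": "jdoe", "revoked_at": datetime(2024, 6, 3, 9, 0)},
    {"system": "CRM", "account": "jdoe", "revoked_at": None},
]
SHARED = [
    {"system": "social-media", "account": "marketing", "known_by": {"jdoe", "asmith"},
     "rotated_at": datetime(2024, 1, 10)},
    {"system": "build-server", "account": "deploy", "known_by": {"asmith"},
     "rotated_at": None},
]

if __name__ == "__main__":
    for row in build_revocation_report("jdoe", DEPARTURE, CHECKLIST, SHARED):
        print(f'{row["system"]:<14}{row["account"]:<12}{row["status"]:<15}{row["delay"] or ""}')
```

Any row whose status is not `OK` is an open item; the report is complete for audit purposes only once every row reads `OK`.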