What’s one of the most important, yet pain-staking and time-consuming tasks to tackle? Offboarding employees.
You know it, we know it.
But if offboarding isn’t done properly, a whole bunch of security risks — and incidents — can crop up.
Take passwords, for example. In a recent study, 47% of employees admit using their former employers’ passwords to access accounts after leaving their organization.
( Yup, that’s definitely not good. 😱)
That’s for passwords — imagine what all of the security risks might be for offboarding SaaS applications, especially when organizations across the globe average about 110 SaaS apps. Scary, right?
There’s been a lot of employee turnover in recent years, especially now with layoffs and economic uncertainty. As a result, securing the offboarding process is more of a struggle than ever before.
The trouble with offboarding SaaS applications
Offboarding has so much complexity to begin with, and that’s only compounded by the diverse and increasing amount of tech employees use. And there are more challenges when employees are working hybrid or remote, too.
SaaS applications are one of those areas that causes all kinds of headaches. Given that organizations use hundreds (or even thousands) of SaaS apps, it’s a grind to understand and manage what’s happening in the entire SaaS stack.
But proper offboarding actually starts at the onboarding stage. For instance, some users may have or gain extraneous permissions to SaaS apps from the get-go, allowing sensitive data to be easily viewed, exported, or shared.
Or some employees use SaaS apps without approval from IT and security, installing new tools or linking them to their personal accounts. (Hello, shadow SaaS!) Employees may become targets — if not victims — of threat actors trying to gain access to an organization’s sensitive data.
The more SaaS apps used by employees, the more the apps impact offboarding. Without an effective process, maintaining SaaS compliance, governance, and security only gets more challenging. In some cases, former employees can still access SaaS apps outside of their organization’s single sign-on (SSO). Or threat actors can access sensitive data through the apps’ local user credentials — even if an employee’s credentials are revoked.
The key to improving SaaS offboarding: actionable visibility
Offboarding (in theory) is easy, but it’s not. Maybe the tools or resources aren’t there to facilitate offboarding. More often than not, offboarding is done manually — making for a time-intensive, potentially error-prone task.
Deleting all corporate application accounts for one former employee can take up to one hour. And that doesn’t include canceling an employee’s access to their devices and networks.
Improper offboarding has broader implications with budgets and resources. Take licensing, for example. After employees leave, the SaaS applications remaining on their devices may not get transferred or removed. The SaaS licenses remain active long after they’re gone — and are at risk for being compromised.
With the current state of the economy, costs are a huge factor. Getting a full picture across the entire SaaS app landscape can provide actionable visibility into spend. Specifically, where redundant apps, or underused or duplicate SaaS licenses are.
Beyond spend, actionable visibility also gives insight into SaaS security risks like shadow SaaS, weak access controls, and incorrect settings configuration.
Understanding what’s going on in the entire SaaS stack saves countless hours, eliminates mistakes, and makes the entire offboarding process much easier.
Take a deeper dive into improving your offboarding SaaS application process by reading our expert guide on cost optimization.