Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity & Business Resilience

The Security Risk No One Talks About During Layoffs: Offboarding

By Chase Doelling
Round table

Arlington Research via Unsplash

June 10, 2025

In our current unpredictable economic environment, announcements of workforce reductions have become a frequent occurrence. Not only in the private sector but also across federal agencies such as the Department of Health and Human Services, the Department of the Treasury, and the Cybersecurity and Infrastructure Security Agency. While much attention rightly focuses on the human and operational impacts of layoffs, an important risk often remains unaddressed: security.

Organizations often devote considerable effort and coordination to onboarding new employees, provisioning appropriate access, delivering training on acceptable use, and implementing identity verification protocols. Yet, when those same employees depart, particularly during layoffs involving numerous people and tight timeframes, offboarding procedures are often inconsistent and haphazard. Processes may be manual and fragmented, communication between departments can falter, and overwhelmed IT teams are left scrambling to keep up.

This gap in process and priority creates a significant insider threat that is often overlooked but deserves much more scrutiny in the era of frequent workforce transitions.

Addressing the Insider Threat

Insider threats account for a notable portion of security incidents, whether those threats are the result of malicious intent or simple negligence. Nearly 90% of former employees maintain access to sensitive corporate systems and data after their departure. These lapses, such as former employees retaining access to sensitive systems put organizations at significant risk. The failure to promptly revoke access across any system or platform can lead to data breaches, regulatory non-compliance, and significant financial losses. This is usually not due to ill will, rather because identity and access management systems have not adapted to meet the urgency and complexity that modern offboarding demands.

In situations of mass layoffs, IT teams may receive lists of hundreds of employees to offboard with very limited notice. They are often required to deactivate accounts and revoke credentials within hours or even minutes. Without automated workflows and robust coordination across HR, IT, and security teams, the process of disabling access across all relevant platforms is a race against time. Human error in such circumstances is almost unavoidable, heightening the risk of insider threats.

Today’s hybrid work environment and cloud-based collaboration tools mean access is no longer confined to physical offices or corporate devices. It encompasses cloud applications, shared drives, software-as-a-service platforms, remote servers, and even third-party integrations. This broad attack surface demands timely and thorough access revocation to prevent insider threat vulnerabilities.

Why Offboarding Remains a Persistent Challenge

The complexity of offboarding lies in the accumulation of employee privileges over time. Staff members often acquire access to a wide range of resources, including financial data, customer records, proprietary code repositories, and executive communications. These privileges tend to be distributed across multiple systems and organizational silos. Without a centralized and current identity and access management framework, it is a daunting task to ensure access is comprehensively revoked in a timely manner.

This challenge has grown more complicated in recent years due to the rise of remote work and Bring Your Own Device (BYOD) policies. Simply reclaiming physical assets such as badges or laptops no longer guarantees the removal of all sensitive data access. Former employees may retain synchronized files on personal devices, stored passwords in browsers, or access to unmanaged applications.

Adding further complexity to this offboarding challenge is the issue of shadow IT. The use of unauthorized software, applications, and cloud services by employees without formal approval or oversight is constantly growing. Shadow IT proliferates outside the control of IT departments and often bypasses established security protocols and monitoring. When employees leave, their access to these unmonitored tools can persist, posing serious risks to data security and compliance. You can’t remove access if you didn’t know it existed. 

Effective Strategies to Address Offboarding Risks

To mitigate the risk of insider threats, especially in times of or in preparation for mass offboarding, organizations must elevate offboarding to the same level of priority and rigor as onboarding. The following strategic practices are critical to securing the offboarding process:

  1. Automation of Offboarding Procedures: Utilize identity and access management tools that integrate with your IT ecosystem to automatically revoke access and deactivate accounts as soon as an employee departs. Manual processes cannot keep pace with the velocity of modern workforce changes.
  2. Regular Access Reviews and Audits: Establish periodic reviews of user access privileges, with a particular focus on privileged accounts. This practice helps identify and remove outdated permissions for former employees and prevents unnecessary privilege accumulation among current staff.
  3. Cross-Department Collaboration: Ensure that human resources, IT, and security teams maintain clear and timely communication. A formalized offboarding workflow triggered immediately by employment status changes can reduce delays and avoid confusion during the deprovisioning process.

Leadership’s Role in Securing Workforce Transitions

Workforce changes are an unavoidable part of doing business, but organizations cannot afford to allow their security controls to lag behind these transitions. Incomplete or delayed offboarding is not merely a technical failure; it reflects broader leadership and governance shortcomings. Executive teams must promote a security-first culture that treats employee departures with the same level of discipline and care applied to onboarding.

As cyber threat actors become increasingly opportunistic and regulatory requirements surrounding data protection intensify, organizations must recognize that effective offboarding is foundational to a resilient security posture. It demonstrates an organization’s commitment to protecting its data, reputation, and long-term viability.

KEYWORDS: insider risk insider threats

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Chase doelling headshot

Chase Doelling is Principal Strategist at JumpCloud. Image courtesy of Doelling 

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Columns
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

Laptop with coding on ground

Stepping Into the Light: Why CISOs Are Replacing Black-Box Security With Open-Source XDR

Gift cards and credit cards

Why Are Cyberattacks Targeting Retail? Experts Share Their Thoughts

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • workplace

    84% of employees concerned about returning to the physical workplace during COVID-19 pandemic

    See More
  • covid-19 survey

    Survey Shows How the Security Industry is Mitigating Risk during COVID-19

    See More
  • security leadership responsive default security

    Why Reputational Risk is a Security Risk and What to Do About It

    See More

Related Products

See More Products
  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • 9780367339456.jpg.jpg.jpg

    Cyber Strategy: Risk-Driven Security and Resiliency

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing