Offboarding employees after they've resigned or been terminated is largely a routine process; they turn in their devices, which can then be imaged and archived. But are you routinely investigating their computer activity leading up to their departure? You should be!
Even if your workforce is largely remote, we will discuss the best ways to identify data exfiltration and potential IP theft including:
Investigating alerts of increased network activity, like large downloads and uploads
Seeing which applications the user opened, their internet activity, and whether confidential network shares were accessed
Determining if an external storage device was ever connected to their machine
Pinpointing the user’s location – home, office, public WiFi, etc.