Data Loss Prevention, Insider Risk

Best practices for securing your data when terminating an employee

By Veriato Team

When and where to start

Best practices for securing your data when terminating an employee actually start with the initial onboarding process. Every established organization looking to scale should consult legal counsel after first having drafted an employee handbook. Once created, every employee should be provided an employee handbook outlining the acceptable use policy related to any and all corporate IT resources. It is also imperative (and often overlooked) to have the employee handbook updated periodically as technology and employee responsibilities advance.

Establishing and tracking risk within each department is also a key factor in setting up best practices for data & intellectual property (IP) security within the context of employee conduct in our digital world — this framework also proves itself useful if and when it comes time for terminating an employee. Each position within the company should have an assigned insider threat risk level, with a sufficient amount of activity monitoring within reason. Certain job categories require more active review than others, and it’s up to the organization to determine its own best practices for data & IP security based on information sensitivity.

What to watch out for

While the act of securing your data when terminating an employee may seem fairly straightforward, challenges do exist. For example, some companies still operate with an Employment At Will policy. Essentially, Employment At Will refers to the employee’s right to terminate his or her own employment relationship with the organization at any time and for any reason that he or she sees fit. This also means however that the organization has the right to terminate the employment of any employee at any time for any lawful reason. The employment relationship between the organization and its employees is At Will (the exception being employment covered by a contract.) Regardless of reasons for departure, employers often find themselves with limited time to thoroughly secure valuable data and intellectual property.

Whether an employee resigns, or employment is terminated for cause, Human Resources should be notified and a thorough exit interview should be conducted as soon as possible. Share feedback with employees to ensure you are on the same page so the employee will not be surprised. An organization does not want the employee feeling that they have been discriminated against or terminated without valid reason — this could lead to retaliatory actions by the employee and could potentially put your IP at risk.

Emotional awareness during the exit interview process is key. Be mindful of cues that could signal larger issues within the company.  An employee openly discussing their unhappiness with management or company policies can indicate a potential insider threat. Many employees have a sense of entitlement to company IP they helped to create and recent surveys show as much as 42% of employees have taken an employer’s corporate information when switching jobs — proving the just how important securing your data when terminating an employee truly is.

Keeping your house in order

It’s easier than ever for employees to move IP from a network to USB drives, cloud storage, or their own personal devices. Be exceedingly clear that employees are expected to return and destroy any copies of the organization’s intellectual property they may still have. Regardless of what gave rise to the employee’s departure, activity monitoring is a vital component of securing your data when terminating an employee to ensure the safeguarding of corporate intellectual property.


Deployment of activity monitoring allows an organization to review digital goings on for as long as necessary. If an employee tenders resignation, deploying an active and intelligent monitoring tool allows for the collecting and archiving of digital activity. These tools can also help to analyze the digital activity. Additionally, consideration should be given to monitoring those associated with the departing employee for a period of time, recording their activity for potential insider threat.

In the event that legal proceedings are necessary, properly recorded, organized, and cataloged digital evidence can help an attorney build a strong case. More than three quarters of cases that contain comprehensive digital evidence are settled faster and with far better results.

2023 Preparedness Checklist: Ensure Your Workforce Is Productive and Secure

This guide will help you understand where there are opportunities and risks in your workforce, and what you can do to make sure 2023 is as secure and productive as possible with workforce behavior analytics.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Productivity & Insider Risk Resources

A More Insightful, Proactive Approach to Employee Monitoring

A More Insightful, Proactive Approach to Employee Monitoring

Also known as “bossware” and even “employee surveillance”, employee monitoring has been placed in the bucket of technologies that companies force on their employees. Whatever you call it, its use is on the rise and it looks like it’s here to stay. As of 2022, 60% of...

Bossware and the Future of Work

Bossware and the Future of Work

Recently, there has been considerable coverage of “bossware” and a focus on draconian types of “surveillance” some companies are using to stay on top of remote and flexible workforces. Articles claim companies are accessing the camera on laptops and tracking every...

The Myths and Truths of Employee Monitoring

The Myths and Truths of Employee Monitoring

Early in the pandemic, searches related to “how to monitor employees working from home” increased by 1,705%. Without the oversight of managers in an office setting, many companies are concerned that their employees are less productive, and that there is an increase...