When someone has the keys to the kingdom, what do you need to do when that person leaves? Change the locks, of course!
Letting anyone go is an odious experience, usually. Losing or letting an IT administrator go can be even trickier since they usually have access (sometimes SOLE access) to many of your critical systems. When terminating an IT admin, you must proceed carefully to minimize the risk of data destruction or theft.
First of all, timing is everything. If you’re letting your only IT person go, it helps if you have a trusted partner like us to help you complete the following while you are meeting with the person in question. Here’s where you can start:
Change password and access to their email address/domain
It’s highly likely this person’s email is used with vendors for logins and has admin access to your systems. Don’t delete it – just lock the user out by changing the password. You’ll need access to this mailbox to reset any accounts this person had with outside vendors (like, say, for your Microsoft license agreements) or portals, or to log into your backup system, for example.
Disable remote access
Firewall management, VPN access, etc. are all additional ways this person could still access your systems. Disable them or, in the meantime, change the passwords.
Update passwords for all service accounts and network devices
Those portals and vendor sites? Yep, change those passwords, too. Got any other network devices that your IT person could log into, like a printer or a switch management plane? Those all need changing too!
Miscellaneous other access or documentation
Locate your documentation (like your disaster recovery plan, for example) and make sure it’s saved in a safe place where you and your team can access it should you need it. And if you had a key system to get in and out of your facility (or co-located data center), make sure you’ve revoked that person’s access, too.
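To confirm nothing on the checklist above was missed, the following added example (not from the original article) audits an access inventory against the time the termination meeting started. The inventory entries, field names and timestamps are constructed for illustration, and treating "changed at or after the meeting start" as the pass condition is an assumption.

```python
from datetime import datetime

# Constructed sample inventory; names and timestamps are illustrative only.
MEETING_START = datetime(2024, 5, 6, 14, 0)
INVENTORY = [
    {"name": "admin mailbox", "kind": "mailbox", "deleted": False,
     "rotated": datetime(2024, 5, 6, 14, 5)},
    {"name": "VPN account", "kind": "remote", "disabled": True, "rotated": None},
    {"name": "firewall management", "kind": "remote", "disabled": False,
     "rotated": datetime(2024, 4, 1, 9, 0)},
    {"name": "backup service account", "kind": "credential",
     "rotated": datetime(2024, 5, 6, 14, 20)},
    {"name": "switch management", "kind": "credential", "rotated": None},
    {"name": "licensing portal", "kind": "credential",
     "rotated": datetime(2024, 5, 6, 14, 30)},
    {"name": "data center badge", "kind": "physical", "revoked": False},
]

def rotated_since(item, cutoff):
    """True if the password was changed at or after the cutoff."""
    return item.get("rotated") is not None and item["rotated"] >= cutoff

def audit(inventory, cutoff):
    """Return (name, problem) pairs for items the departing admin could still use."""
    findings = []
    for item in inventory:
        kind, name = item["kind"], item["name"]
        if kind == "mailbox":
            # Lock it, don't delete it: the mailbox is needed for vendor resets.
            if item.get("deleted"):
                findings.append((name, "mailbox deleted; vendor resets will fail"))
            elif not rotated_since(item, cutoff):
                findings.append((name, "password not changed since cutoff"))
        elif kind == "remote":
            if not item.get("disabled") and not rotated_since(item, cutoff):
                findings.append((name, "still enabled with old password"))
        elif kind == "credential":
            if not rotated_since(item, cutoff):
                findings.append((name, "password not changed since cutoff"))
        elif kind == "physical":
            if not item.get("revoked"):
                findings.append((name, "physical access not revoked"))
        else:
            findings.append((name, f"unknown kind {kind!r}; review manually"))
    return findings

if __name__ == "__main__":
    for name, problem in audit(INVENTORY, MEETING_START):
        print(f"OPEN: {name}: {problem}")
```

Anything the audit reports as open is a path the former admin may still be able to use, so keep working the list until it comes back empty.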