Technology

Step Away From the Laptop

By Sarah Fister Gale

Aug. 21, 2013

When Rachel Phillips, a freelance project manager, ran a digital media project for Victoria’s Secret in 2012, the company provided her with a laptop, password access to the network and an ID card to get into the building. Her contract for the project was very clear about the expectations for her work — but there was nothing in it about what would happen once the project ended.

“When the time came for offboarding, I just dropped off my equipment at the front desk and left,” she said. She later realized she forgot to turn in her ID card, but no one ever called her about it, and she’s not sure if it even still works. 

Such lapses in security related to departing contract workers are surprisingly common, said Chris Dwyer, research director for Ardent Partners, an analyst firm in Boston. He notes that it is not uncommon for companies to discover that temporary employees have access to the ERP system months after they left because the company had no formal offboarding process.

“Companies fail to realize how much corporate information contractors have access to,” he said.

To avoid these security risks, companies need to put as much thought into the end of a project as the beginning. Ideally, the contractor’s access to the network should be automatically shut off on a predetermined end date as part of the contract, Dwyer said. If the project goes over that date, a manager can request a deadline extension, or have access reinstated if it gets shut off too soon.

“The time lost getting a contractor back online is a much lower risk than having them walk away with all your company information,” Dwyer said.

The contract should also stipulate what the contractor should do with any company equipment, including laptops, phones, key fobs and passcodes when the project ends, Phillips said. And there should be a formal sign-off when the handover is made.

That adds security for the company and the contractor, she said. “A sign-off protocol ensures everyone knows who has the equipment, so they can be held responsible for it.”

Sarah Fister Gale is a freelance writer based in the Chicago area. Comment below or email editors@workforce.com. Follow Workforce on Twitter at @workforcenews.

Sarah Fister Gale is a writer in Chicago.

About Workforce.com

blog workforce

We build robust scheduling & attendance software for businesses with 500+ frontline workers. With custom BI reporting and demand-driven scheduling, we help our customers reduce labor spend and increase profitability across their business. It's as simple as that.

Book a call
See the software

Related Articles

workforce blog

Technology

4 Ways to Maximize HR and WFM Data

Technology and cloud-based applications and platforms enable companies to gather more data, but can the...

workforce blog

Technology

How to prevent workforce management system outages: mitigation through redundancy

Summary Workforce management data breaches and outages are a very real threat Businesses should build r...

data breach, network security, payroll system, system outage, workforce management

workforce blog

Technology

Kronos (UKG) data breach leaves businesses in the dark for “several weeks”

Summary Workforce management company Kronos (UKG) suffers ransomware data breach Kronos Private Cloud a...

data breach, Kronos, ransomware, security, UKG