Small-biz tip: Don't overlook this digital danger

Are you the type of business owner who forgets about ex-employees as soon as they’re gone? Failing to remove former employees’ access to your systems and data could lead to security breaches. Don’t let poor offboarding practices be the weak link in your cybersecurity chain.

How improper offboarding can hurt your business

Whenever an employee leaves the organization, you must remove their access to company systems and data. That’s especially true if you’ve laid off an employee. They may feel a sense of anger or resentment towards the company, which makes them more likely to be malicious.

It’s more common than you might think. A recent study from Beyond Identity examined how ineffective offboarding impacts a business’ cybersecurity. They found that one in three employers has been hacked due to ineffective offboarding.

Oh, and most former employees say they can still access company files. Researchers say 91% of employees can still see private files after offboarding earlier last year. Do you want former employees to know what you’re doing a year later? Probably not!

Plus, the study found only 21% of employers deactivated an employee’s account immediately after they let the worker go. It took 29% a whole week to cut the strings.

Offboarding is the process of removing an employee's access to company resources after they leave. Do it correctly to remove security risks.
Image from Beyond Identity.

Overall, businesses estimated they lost $7,687 to ineffective offboarding. In other words, it’s a mistake you can’t afford to make. Want to build better business practices? Here are the three lessons Kim has for fellow business owners.

Offboarding dangers for small-business owners

⚠️ If you don’t completely cut off former employees, you’re taking on a ton of risks, like:

  1. Insider threats: Former employees who can still access company systems and data can steal confidential information or sabotage your systems.
  2. Social engineering: I talk a lot about how dangerous phishing scams are. They can level a company’s computer systems. Former employees are especially dangerous because they know social details about the workplace, which can help them access sensitive information or networks.
  3. Revenge: In some cases, fired employees may attempt to cause harm to their former employer out of revenge, such as launching a denial-of-service attack or spreading false information about the company.

Beyond Identity’s survey found that 86% of employees have considered taking negative actions against a former employer. People who actually went through with retaliation had diverse reasons: 37% said they didn’t get a raise, while 29% cited a bad relationship.

Continue reading

Nosy, nosy: With iOS 18, you can now bring up a list of all apps with access to your contacts. Open Settings > Privacy & Security > Contacts. Here, you’ll see a list of apps. Tap Limited Access for any that shouldn’t get every little detail.

How to download your entire Facebook

Open/download audio

What if you suddenly lost access to your Facebook — years of photos, posts, and memories gone? I’ll tell you how to back up your account so you don’t lose it all if something goes wrong.

🚨 Wookie mistake: You’ve probably heard about the recent National Public Data breach, which exposed the deets of 2.9 billion people. Now, a sister site with access to the same consumer records as NPD accidentally published passwords in a publicly accessible file. Nutso. It was available until Aug. 19. If you haven’t yet, I strongly advise you to freeze your credit.

1 in 4 kids

Faces identity theft before they turn 18. And age verification might make the problem much worse. Think about it: To get access to social media, your kid uploads their name, face, and a document or two. One breach and a criminal has it all.

🛑 Stop, thief! If someone gets your iPhone, they can disable Find My in the Control Center. Be smart and make it so they can’t. Go to Settings > ID & Passcode (or Touch ID & Passcode if you’re using an older model with a home button). Enter your passcode, scroll to Allow Access When Locked, and toggle off the Control Center option.

Principle of least privilege: Business owners, ask your IT folks if your accounts are set up this way. It means users and systems only get access to what they need to get their tasks done. It’s a simple way to keep your info safe.

😲 Stick to legitimate banks: Thousands of folks who put money into the Juno savings app are screwed. The company that provided Juno’s digital transaction ledgers collapsed, and no one can access their funds. One guy lost $38,000. Keep your savings in an FDIC-backed bank and those account balances under $250,000.

Baby- or snoop-proof your iPad: Activate Guided Access. Just triple-click the home button once you’re in the app you wish to lock, then triple-click again to exit and enter your passcode. Now, your kid can play a game or your pal can scroll photos — and nothing else.

🥫 Inflation hits hard: A guy is going viral on TikTok for tapping the “Reorder” button in his Walmart grocery app. What was $126.67 two years ago for groceries (45 items) is now $414.39 for the very same products. I wouldn’t be surprised if Walmart limits access to past order histories.

🚨 Don’t chance it: TeamViewer, the go-to remote access tool, was hacked by Russian spies. The company says the breach was limited to its corporate network, but, hey, I’d assume they accessed customer files, too. If you have it, change your password pronto and set up 2FA. Share this one with your favorite IT pro.

Calling all tech nerds: In Chrome, you can access experimental or beta features. In the address bar, type chrome://flags and hit Enter. Scroll through and see if any catch your eye.

🚨 Buddy, can you spare a phone? If a stranger or someone you don’t know very well asks to borrow your phone, don’t fall for it, even if it’s a teen. They’ll quickly access your payment apps and transfer money directly into their accounts. If you really want to help someone in need, offer to make the call for them and keep it on speaker.

Delete this app: For years, Bartender was a reliable app for decluttering your Mac’s menu bar. But it was just sold to an unknown owner, and no one’s been able to contact Bartender’s founder. Bartender records your Mac screen to function, which means it’s not something you want to give a sketchy developer access to. Delete it ASAP.

From the “I’m-from-the-government-and-I’m-here-to-help” department: Effective June 1, the federal internet subsidies that gave 20 million low-income U.S. families access to speedy internet are over. Here’s a list of providers offering discounted internet prices through the end of 2024.

I love free: ChatGPT just made free a bunch of features that were once exclusive to paid plans. You now get real-time web responses, data analytics, chart creation, file upload and the ability to remember you, plus access to custom versions of GPT. The catch? Only 10 requests a day.

Blessing in disguise: Back in 2013, a guy lost access to his digital crypto wallet filled with 43.6 bitcoin. The file with his 20-character password got corrupted, and it seemed like the money was lost forever. Fast-forward to now: Some very smart hired help cracked the code, and the guy’s now sitting on nearly $3 million. Bet he’s really glad he didn’t sell early.

🆓 Free magazines: With an Amazon Prime account, you can access a rotating library of popular magazines free for 30 days. Check them out here. Titles include Wired, Popular Science, Reader’s Digest and Taste of Home. Score.

We may receive a commission when you buy through our links, but our reporting and recommendations are always independent and objective.

🎮 Score cool points with the kids: Share these fun facts. Microsoft is adding its next “Call of Duty” installment to Xbox Game Pass, moving away from its tradition (paywall link) of only selling it as an independent title. By adding it only to their Game Pass subscription service, once that subscription ends, so, too, does your access to the game. Meanwhile, “Grand Theft Auto VI” is expected to drop in fall 2025.

Sorry I missed your call: Hackers can use your “voice fingerprint” to access voice-protected financial records or rip off your relatives. Pro tip: Delete your outgoing voicemail message if it uses your voice, and replace it with a generic robot-voiced default.