Employment Termination Policy - Secure Termination of Employment

Employment Termination Policy - Secure Termination of Employment


Termination of employment may be due to resignation, change of role, suspension or the end of a contract or project.  The key requirement is that access to Uprise information assets is removed in a timely manner when no longer required by the user.


  1. Termination Responsibilities


Line managers must notify the CTO in a timely manner of the impending termination or suspension of employment so that their access can be suspended.


The CTO must notify the appropriate system owners who must suspend access for that user at an appropriate time, taking into account the nature of the termination.


Responsibilities for notifying changes, performing employment termination or change of employment must be clearly defined and assigned.


  1. Return of Assets


Processes must be implemented to ensure that users return all of the organisation’s assets in their possession upon termination of their employment, contract or agreement.  This must include any copies of information in any format.


  1. Removal of Access Rights


Processes must be implemented to ensure that all access rights of users of Council information systems shall be removed in a timely manner upon termination or suspension of their employment, contract or agreement.


Processes and responsibilities must be agreed and implemented to enable emergency suspension of a user’s access when that access is considered a risk to the Company or its systems as defined in the Information Security Incident Management Policy

Access control Check list:


  • Retrieve or disable all company-owned physical assets. E.g. laptop, phone, tablet, keys, ID card, magnetic swipe card, security token, and more.


  • Disable all internal user accounts to which the employee has access. 


  • Change any shared passwords the employee knew, and shut down their access to off-premise or third-party services.


  • Disable access to the employee’s company email account. Forward the mail to someone else at the company.


  • Disable access to the employee’s phone and voicemail account. Even in an age when phones seem dated, you don’t want to overlook this access channel.


  • Terminate VPN and remote-desktop access


  • Change door codes or PINs to disable physical access to the company’s premises.


  • Perform a complete back up of the employee’s hard drive if the data isn’t already saved and archived in the cloud or as part of your company’s general back-up routine.


Termination Procedure:


Employee Type:

Procedure

Coach contractor


  1. Update Managers, team of termination immediately


Determine if Coach is leaving temporary or permanent


Temporary termination:

  1. Disable the coach in the CRM


Permanent termination:

  1. Request the employee fill out the Employee exit checklist form

https://drive.google.com/open?id=0B2GnnbWiW3gBQkZ1WmZoVzhFR3M

  1. Disable coach from Uprise bookings via CRM

  2. Disable the coaches Auth0 account

  3. Deactivate slack account

  4. Remove coach details from Employee wiki

  5. Assign all coaches intercom clients to a new coach. Inform intercom clients coach has left the program

  6. Remove coach user account from intercom

Tech support

  1. Update Managers, team of termination immediately.

  2. Request the employee fill out the Employee exit checklist form

https://drive.google.com/open?id=0B2GnnbWiW3gBQkZ1WmZoVzhFR3M

  1. Revoke all shared passwords from last pass

  2. Change shared account passwords in last pass, update the passwords in last pass.

  3. Deactivate slack account

  4. Revoke access to Uprise email

  5. Remove user account from intercom

Developers

  1. Update Managers, team of termination immediately.

  2. Request the employee fill out the Employee exit checklist form

https://drive.google.com/open?id=0B2GnnbWiW3gBQkZ1WmZoVzhFR3M

  1. Revoke all shared passwords from last pass

  2. Change shared account passwords in last pass, update the passwords in last pass.

  3. Deactivate slack account

  4. Revoke access to Uprise email

  5. Remove user account from intercom

  6. Remove users account from bitbucket

  7. Remove users ssh key from authorized_keys list on AWS instance

  8. Remove IAM role from AWS

Product managers

  1. Update Managers, team of termination immediately.

  2. Request the employee fill out the Employee exit checklist form

https://drive.google.com/open?id=0B2GnnbWiW3gBQkZ1WmZoVzhFR3M

  1. Revoke all shared passwords from last pass

  2. Change shared account passwords in last pass, update the passwords in last pass.

  3. Deactivate slack account

  4. Revoke access to Uprise email

  5. Remove user account from intercom

Sales

  1. Update Managers, team of termination immediately

  2. Request the employee fill out the Employee exit checklist form

https://drive.google.com/open?id=0B2GnnbWiW3gBQkZ1WmZoVzhFR3M

  1. Revoke all shared passwords from last pass

  2. Change shared account passwords in last pass, update the passwords in last pass.

  3. Deactivate slack account

  4. Revoke access to Uprise email

  5. Remove user account from intercom



Jay Spence