Bloomberg Anywhere Remote Login Bloomberg Terminal Demo Request


Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.


Financial Products

Enterprise Products


Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000


Industry Products

Media Services

Follow Us

Bloomberg Customers

Businessweek Archives

Why Former Employees Are a Cybersecurity Risk

When most business owners think about securing their computer systems, be it on the desktop or the network, they almost always visualize the primary enemy as an evil hacker looking for vulnerabilities to exploit and valuable data to steal. I’d like to challenge you to be wary of another dangerous adversary: ex-employees with access to system accounts (and default settings) who remain active after they’ve left your company.

Whenever the risks associated with insiders are discussed, the conversation usually focuses around disgruntled and/or malicious employees within the firewall abusing permissions to steal data or plant malware in the network. But that orphaned account—the ex-employee who still enjoys e-mail access and who knows the default passwords to the sensitive parts of your network—is a bigger risk yet and is often forgotten.

I’d wager a bet that more than 75% of small businesses have no idea how many orphaned accounts exist within their organization. Ask yourself, do you have a procedure—or the resources—in place to automatically nuke every user credential for exiting employees? Didn’t think so. Do you have a coherent strategy for locating orphaned accounts and mitigating that risk? And do you, as the small business owner, even know where all your IT assets are and who has access to them?

In these tough economic times, you do have to be prudent about expending resources but be sure to spare some room in your IT security budget to create a formal policy for dealing with ex-employee accounts that never get disabled.

Security Evangelist

Kaspersky Lab, Americas

Woburn, Mass.

blog comments powered by Disqus