Massive Layoffs in 2024 Create a Serious Threat to Your Cybersecurity
The massive wave of layoffs in 2024 brings a cybersecurity threat that many medical practices in Las Vegas aren’t focusing on – offboarding employees. Even top healthcare institutions that you would expect to have top-notch cybersecurity systems and procedures in place can fail to adequately protect themselves from insider threats. This August marks a year since two disgruntled healthcare employees went rogue after being let go and exposed the personal information – including names, addresses, phone numbers, and even Social Security numbers – of over 75,000 people.
And, of course, the issue is expected to get worse. According to recent reports, as of May 24, 2024, 298 US-based companies have laid off 84,600 workers and counting. This includes major layoffs at big companies like Amazon, Google, and Microsoft, as well as smaller tech start-ups. In total, around 257,254 jobs were eliminated in the first quarter of 2024 alone.
Whether or not your medical practice will need to downsize this year, having a proper offboarding process in place is essential because it’s more than a routine administrative task – it’s a critical security precaution. Failing to revoke access for former employees can lead to serious business and legal implications later.
Key Security Risks of Poor Offboarding
Theft of Intellectual Property
Employees can sneak away with your practice’s files, patient data, and confidential information stored on personal devices. They can also retain access to cloud-based applications like file-sharing sites that your IT department doesn’t know about or forgets to change the password to. A study revealed that 69% of businesses experience data loss due to employee turnover, and 87% of employees who leave take data with them.
Compliance Violations
Failing to revoke access privileges and remove employees from authorized user lists can register you as noncompliant in heavily regulated industries like healthcare. This simple mistake can result in large fines, hefty penalties, and legal consequences.
Data Deletion
If an employee feels unfairly laid off and retains access to their accounts, they could easily delete all their e-mails and any critical files they can get their hands on. If that data isn’t backed up, you will lose it all.
Data Breach
This could be the most terrifying of all. Unhappy employees who feel wronged can make you the star of the next devastating data breach headline and incur a costly lawsuit to go with it. It could be as simple as making one click and downloading, exposing, or modifying your patients’ private information, financial records, or even trade secrets.
How to Properly Offboard Employees
Implement the Principle of Least Privilege
Successful offboarding starts with proper onboarding. New employees should only be given access to the files and programs they need to do their jobs. This should be meticulously documented to make offboarding easier.
Leverage Automation
Your IT team can use automation to streamline revoking access to multiple software applications simultaneously, saving time and resources while reducing the likelihood of manual errors.
Implement Continuous Monitoring
You can implement software that tracks who is doing what and where on the company network. This can help you identify suspicious behavior by an unauthorized user and help you determine if a former employee retains access to private accounts.
These are only a few ways your IT team can help improve your offboarding process to make it more efficient and secure. Insider threats can be devastating, and if you think this can’t happen to you, think again. You have to be proactive in protecting your medical practice.
Contact ETS today to ensure your medical practice in Las Vegas is secure against insider threats.