Since we’re in the season of Halloween, we thought it was an appropriate time to address every small business owner’s worst nightmare: employee sabotage! (Cue the lightning bolts and maniacal laughter.) But in all seriousness, if a disgruntled employee attempts to steal or otherwise compromise your business information or data for malicious purposes, it can have devastating consequences for your small business.
Is employee sabotage really that big of an issue?
The short answer is, of course, yes, and there are a multitude of recent examples that explain why employee sabotage is such a serious issue.
In June of 2021, a woman in New York was fired from her remote job with a credit union. The IT department was asked to disable the former employee’s network access, but did not do so. Just two days after her dismissal, the former employee accessed the company’s file server and deleted 21.3 GB of data in less than an hour. The deleted data included private information, such as mortgage loan applications, and security software that included the company’s anti-ransomware protection. And she did all of this with remote access to the company’s server.
The credit union paid thousands of dollars to back up and recover data, in addition to managing a PR nightmare and trying to reassure clients whose data had been compromised. The sabotage didn’t just cost the credit union financially; it damaged their reputation, which may have cost them current and future clients.
How do I prevent employee sabotage?
The big question is, how could the credit union have prevented this employee from maliciously sabotaging their company? There is a multi-pronged answer to this question.
On the one hand, it’s easy to blame the IT team; if they had disabled her access as soon as it was requested, she would not have been able to access the servers after her dismissal. But on the other hand, there could have been more stringent HR policies in place. Mistakes like these slip through the cracks when there isn’t an established protocol for employee dismissal. Ideally, HR and IT would have coordinated so that her access was being disabled as she was in her exit interview.
Another aspect that complicated this situation is that she was a remote, part-time employee. For many larger companies and businesses, the hiring of part-time, contract, or freelance workers happens outside of HR’s purview. It can be very easy for a smaller department of a large company to go through their own channels and hire contract workers to assist with large projects or work part time during high-volume business cycles. It’s just easier that way; no going through HR, no worrying about benefits, just hire a freelancer and pay them out of your own budget reserves. What could go wrong?
This scenario is becoming increasingly common, and not just because of the ease of hiring part-time or remote workers in a digital era. The pandemic has pushed more businesses to think more flexibly about long-term remote work. More and more employees are accessing sensitive information from home. And with many businesses operating within the cloud, it is too often treated as a foregone conclusion that everything in the cloud is backed up and secure.
So the short answer to preventing employee sabotage is to have an iron-clad policy and preventative measures in place for how HR and IT will work together to address all aspects of an employee’s termination. Whether an employee leaves on good terms or not, the IT team should be removing access either while the employee is wrapping up with HR, or as soon as the employee walks out the doors.
IT needs to have an accurate list of all the systems that the employee has access to. This can include email accounts, servers, business apps, and more. Anything that an employee can log into is an area that could be exploited, so IT needs to systematically work through removing access to everything that the employee touched. The IT team should also run regular reviews of the current security measures that are in place. This includes antivirus software, firewalls and malware protection, plus the physical security of your office and your servers, if stored offsite.
For HR, protecting the security of the business starts with the hiring process. Background checks for prospective hires are vital to ensuring that incoming employees have no instances of sabotage or other employment red flags on their record. HR should also provide regular cybersecurity training that encourages a company culture of thoughtful attention to security issues.
The security policy and action plan should be reviewed at least annually so that both HR and IT have a dedicated time to review the step-by-step process for employee termination. HR and IT are two very different worlds, so it only makes sense to give both regular opportunities to think critically about their roles in employee termination and suggest best practice improvements year over year. A good security strategy has to include the input and support of both departments.
Tech Masters is a leader in protecting the cybersecurity of small businesses. We can help you address weak areas in your cybersecurity plan and give you the best-value options for protecting your small business from sabotage.
For answers to some of your most important inquiries regarding employee sabotage, check out our frequently asked questions and answers below.
What is employee sabotage?
There are many types of employee sabotage. It happens when a current or former employee inflicts damage on the property, product, service, or reputation of their employer. Examples of employee sabotage include: bad-mouthing a former employer in an online smear campaign, damaging or deleting important files, sharing sensitive or private information, damaging company property, and stealing intellectual property.
How can employee sabotage be prevented?
Employee sabotage can best be prevented by the joint efforts of the HR and IT departments. IT must ensure company safety by having robust cybersecurity measures in place and by acting quickly to remove access when an employee leaves the business. HR best supports their efforts by having a systematic process in place for employee termination and communicating both the timeline and their needs to IT. This coordinated effort ensures that once a former employee has left the building, they are also leaving behind all access to company information.
What do I do if an employee sabotages my small business data?
In the event of employee sabotage or a security breach, immediately remove the angry employee’s access to all systems. If a data breach has occurred, work through your backup and recovery plan. Work with your communications department to craft a statement to inform your clients of the sabotage and how it may affect their privacy. You can also consider working with a crisis management firm to get ahead of negative PR.