Many years ago, we realized we needed a check list for all incoming and departing employees. There are so many things to consider on both sides of the relationship, so these checklists have been invaluable! How about you? Do you have a checklist to on board new staff? Next question – do you have a checklist to off board?
When bringing on a new employee, they may need specific company procedures; a network or hosted server log on with specific document rights; a login to your accounting software with a specific security group or access limitation; a company-issued cell phone; a company computer; access to certain software programs, some of which might be in the cloud; a name badge; specific tools for their role (we have a tech ‘trunk’ bag with all kinds of testing equipment); they’ll need their email setup, and maybe access to other calendars; maybe they need a company credit card; maybe you provide a company truck; they have to be setup in payroll with wage info, Married/Single, and all the right forms; when in the office, where will they sit?
Most people would agree that it takes a lot of effort to bring a new employee on board, which is a lot of planning. So how much thought do you give to an exiting employee? If they’re on their way out, just grab their gear and move on, right? Not so fast; we’d like you to consider a couple of other things, specifically as they relate to critical software, network access, document access, and licensing.
Where to start? Well, let’s start with one of the most common questions we hear, which is one of the biggest risks to your data. When an employee departs, did you contact your IT company and let them know? At a minimum, their password should be changed right away so they don’t have access to log into the network or the hosted server. Depending on their role in the company, it may even warrant a lock down across the network.
Their email password should be changed and the account should either be forwarded to someone else (hosted Exchange), or changed to a shared mailbox to retain access and free up the M365 license. If you’re using M365 OneDrive and/or SharePoint, you’ll definitely want to contact your IT group and make arrangements to limit OneDrive access and to turn off SharePoint access on any computers they may be using at home. You may have collected their company computer, or they used one in the office, but if they worked remotely, they may have installed M365 on a home computer or laptop. If that’s the case, they can log in unless you’ve changed the password and made a few changes.
Many accounting project management software packages and CRM (Customer Relationship Management) software use Windows authentication. That means that if the user’s network logon and password gets them on the server, they can then launch the software. In addition to changing their network password or removing their account, you’ll want to remove them or change security in your accounting software or CRM.
You might have other software packages that are web-based. This might be a phone system (VoIP), a CRM, a banking site, a scheduling or project management program (ProCore, for example). Do you have a list of what software you setup for them? If you do, be sure to take that same list and change passwords, update access, or remove users. If the vendor invoices charge for the software by user counts, you’ll definitely want to reach out to them. Sometimes all you can do is free up a license because you’ve committed to a certain number of licenses for a period of time or the licenses were part of a purchase; other times you can make adjustments to actual users and the invoices are month to month.
BTW – when you release an employee and they have health benefits for example, there are rules about when you can remove the coverage and either expect a credit, or see the change reflected. The same is true for IT-related licenses, backups, email, and other services. License counts are pulled by these vendors on a specific day. If you release someone on the 25th of the month, you will most likely have to pay for that person through the end of the month. If you on board someone on the 25th of the month, it’s possible you won’t be charged for that license until the next full month. Just like the markets, there’s no use trying to ‘time’ it.
For those of you who have IT services with us, please be sure to call us when an employee departs. At a minimum, passwords and access should be changed. You may have other access or data that needs to be locked down. There are a number of services that are based on user counts including hosted Exchange, Microsoft 365, Office licenses, anti-virus licenses, remote access licenses (RDP), F.I.T. System as examples. These can be updated, and in some cases, your billing might change in the next month unless there are minimums.
So, you might want to create and employee departure list (we call it the Exit List). If you already have one, hopefully this gave you some ideas of items you might want to add and follow up on. – CMW