Figure 4 shows the IBM security management approach to risk adapted to the employee offboarding scenario.

[Figure 4: diagram not reproduced. Components shown: Security Policy Management; Identity, Access & Entitlement Mgmt; Data & Information Protection Mgmt; Command and Control Mgmt; Software, System & Service Assurance; IT Service Management; Threat & Vulnerability Management; Physical Asset Management; Risk & Compliance Assessment. Flow labels: number of malicious incidents from laid off employees and their financial impact; entitlement removal control processes; off-boarding directives and performance goals; performance & compliance metrics; directive compliance reports; performance metric reports; process risk assessment; performance metrics for off-boarding processes; process completeness and integrity reports; knowledge.]

Figure 4 Foundational Security Management controls closed loop for employee offboarding

The employee offboarding controls are broken down into processes for each of these components of IT system management and are described in the following sections.

Security Policy Management

In the employee offboarding scenario, the necessary security policy is relatively straightforward because the approach to mitigating the risk is simple to describe. Let us take a closer look at the following details:

  • Develop an employee offboarding policy.

  • Classification of IT systems and HR processes.


Develop an employee offboarding policy

Based on known past incidents involving the abuse of IT systems access by employees who have left the organization, the Chief Information Security Officer (CISO) should identify the systems that pose the highest risk for abuse and the HR scenarios that are most likely to incite malicious activity by leaving employees.

For the purpose of our discussion, we assume there are two categories of systems with respect to employee offboarding:

  • High-risk systems are those that provide broad access to the IT environment, such as remote VPN accounts and master authentication directories (for example, an LDAP directory or Microsoft® Active Directory), and systems that contain highly sensitive information.

  • Low-risk systems include everything else.

Using the IBM Security Blueprint to Address Business Risks for Employee Offboarding
