OneLogin: Preventing Ex-Employee Breaches

Some folks may be unfamiliar with the term SSO, or single sign-on. It is the system with which someone could sign into most accounts, with an ID and password. Sometimes, the website or software and information the person is logging into isn’t the company that implements this, but rather a third party company that specializes in security. A company whose name is well known and appropriately named, OneLogin.

OneLogin is a leading SSO retailer who prides themselves on not only their speed, but their security, as well. Something that businesses look for in your security service, is trustworthiness and a step to achieving this, is vulnerability and transparency. OneLogin achieves this with their website, where they host posts that are honest and hold answers to questions their customers might beg when looking for a security service. Questions such as, “What happens to all our information and data if one of your employees goes rogue?”

OneLogins website hosts an article answering this exact question. To go along with the theme of openness, honesty and trustworthiness – the company notes that no company, anywhere, isn’t subject to ex-employees asserting their revenge on said company, if left with terms that are less than ideal.

58% of ex-employees still have access to company data after they exit their position and OneLogin notes a few instances in the past few years, which other companies have been subject to this possible worst case scenario. One particular case which they mention, was an instance where one of OFCOM’s ex-employees had downloaded six years of information and provided it to their next employer – a major broadcasting. Luckily, the broadcasters informed OFCOM of the data breach, but not every company is so lucky.

What could be a possible solution to this potentially damaging scenario?

OneLogin recommends to not purely rely on the word of the former employee alone, but to implement automated processes that terminate access to the businesses accounts after the termination of said employees contract. Along with doing so, OneLogin recommends a company implements a Security and Information Manager, which does checks for application use by former employees.

With these two steps in place, companies can properly prevent damage to business and efficiently protect themselves and their customers.