Search
Employee Offboarding: The IT Security Checklist

Employee Offboarding: The IT Security Checklist

July 10, 2026
Blog

2 min read

A torn sheet of

When someone leaves your company, the exit interview and the final paycheck get all the attention. The part that quietly creates risk is what happens to their digital access. A departing employee, whether they leave on good terms or bad, can retain the keys to email, files, and systems long after their last day if no one closes the doors behind them. Former-employee access is a well-documented cause of data breaches, and it is entirely preventable. This checklist covers the IT side of offboarding that too often gets missed.

Why offboarding is a security issue, not just an HR task

Every account a person had is a potential way into your business. An unclosed email login, a still-active VPN connection, or a cloud file share that was never revoked can be used long after someone walks out the door, sometimes by the former employee, sometimes by an attacker who finds the dormant account. Orphaned accounts are attractive precisely because no one is watching them. Treating offboarding as a security process, not just paperwork, is what closes that window.

The IT offboarding checklist

  1. Disable accounts immediately. On the employee’s last day, disable (do not just delete) their logins so access stops while data is preserved for handover.
  2. Revoke every point of access. Email, VPN, cloud apps, remote access, and any third-party services. Single sign-on makes this far easier when it is set up.
  3. Reclaim devices and check them. Collect laptops, phones, and any hardware, and confirm no company data remains on personal devices.
  4. Transfer data and reassign. Move important files, email, and ownership of shared resources to a manager before anything is deleted.
  5. Change shared credentials. If the employee knew any shared or admin passwords, change them. This step is skipped constantly and matters enormously.
  6. Update MFA and remove the person as a recovery contact. Make sure their phone or email cannot be used to reset access.
  7. Remove them from devices and systems on the network, including the copier and print release, so stored credentials and scan-to destinations are cleared.
  8. Reclaim software licenses. Free up paid seats so you are not paying for people who have left.
  9. Document what you did. A record of the offboarding protects you for compliance and audits.

Why a consistent, automated process matters

The danger with offboarding is not that businesses do not know these steps; it is that under the pressure of a departure, steps get forgotten and accounts slip through. A documented, repeatable process fixes that, and a managed IT provider can automate much of it, deprovisioning access across systems quickly and consistently so nothing is left open. When departures are handled the same way every time, the security gap simply closes on its own.

Want departures to close security gaps automatically? Novatech builds offboarding into managed IT so access is revoked cleanly and consistently every time. See how our managed security works.

Written By: Editorial Team

Related Post

See All Posts