With work-from-home models now the norm, many organizations will need to rethink their IT asset management (ITAM) processes. In particular, IT will need to ensure that employee offboarding procedures account for assets that are being used remotely.
Many organizations have issued laptops and other devices for employees to use at home, and those assets will need to be accounted for when an employee leaves the company. Organizations have also adopted an array of cloud-based applications to facilitate remote work, and an employee’s access to those services will need to be removed or disabled along with access to corporate data and any on-premises IT resources.
Unfortunately, many IT teams use spreadsheets and other manual processes for tracking IT assets. Assets may not be mapped to specific users, increasing the odds that equipment will be lost and employees will retain access to resources after termination.
Remote work has further complicated matters. It’s impossible to walk a fired employee out the door when that employee is working from home. Even if the separation is amicable, it is difficult to retrieve any IT assets in the remote employee’s possession.
In 2010, the Ponemon Institute conducted a benchmark study on the economic impact of lost and stolen laptops. The study found that 86,455 laptops went missing in a 12-month period across 329 U.S. organizations. That puts the average annual loss at 263 laptops. Of those, 60 percent were simply missing, not believed to be stolen. Laptops were most commonly lost offsite, such as when employees worked from home.
The Ponemon Institute determined that the average value of a lost laptop was $49,246. The cost to replace the hardware was the smallest component of that value. Other costs included detection, forensics, lost productivity, lost intellectual property, data breach, and legal, consulting and regulatory expenses. Almost half (46 percent) of the missing laptops contained confidential data.
The number of missing laptops and the associated costs are likely higher today than they were a decade ago. The problem is compounded by record numbers of employees working from home using a growing array of devices.
Software is equally problematic. A study by Osterman Research and Intermedia found that 89 percent of former employees still had access to at least one of their ex-employer’s applications, and 49 percent admitted to logging in to their ex-employer’s systems. Additionally, 88 percent retained access to file-sharing services, and 45 percent could still access confidential or highly confidential data.
There are obvious security and business risks if users retain access to applications and data after termination. Imagine, for example, if a salesperson could still log into his former employer’s Salesforce.com account.
Additionally, failure to track software usage makes it difficult to reassign licenses that are no longer being used, creating inefficient use of software assets. Worse, it could result in software license compliance violations with associated penalties and true-up costs.
ITAM has two primary functions: inventory management and cost optimization. Every IT asset must be tracked throughout its lifecycle and associated with a specific user or administrator responsible for that asset. Otherwise, the organization is exposed to security threats if assets are lost, stolen or retained by terminated employees, and must absorb the cost of resources that aren’t being fully or appropriately utilized.
Employee offboarding processes are inherently linked to ITAM. Organizations need effective procedures to ensure that assets are retrieved and that all access is removed or disabled when remote workers terminate their employment.