Free online Compliance Assessment

BONUS; get free compliance checklists for major cybersecurity standards (NIS 2, PCIDSS, GDPR, HIPAA, Cyber Essentials,..)

What you’ll get

  • Prevent Data Leaks Instantly
  • Eliminate Human Error & Shadow Access
  • Stay Audit-Ready for ISO, SOC 2, NIS2
Yes, I want to navigate the complex world of NIS 2 with ease
No lock-in. Fixed fee. Zero risk.

Helping SMEs stay ahead of the curve

Helping SMEs stay ahead of the curve

Resource

19 Things to Disable When Someone Leaves, so you don’t lose data

A tactical guide for HR, IT, and ops teams to prevent shadow access, data leaks, and compliance risk.

Here’s the complete “Remote Offboarding Checklist: 19 Things to Disable When Someone Leaves” — a high-impact resource for HR leaders, COOs, and IT teams. Designed for modern, distributed teams, this covers compliance, security, and operational continuity.

Remote Offboarding Checklist

Why It Matters

When someone leaves your company — whether it’s an employee, intern, or contractor — every hour you delay offboarding increases your security risk.

According to IBM, insider threats cost companies an average of $4.9M per incident. Most of these come from human error and missed steps.

Use this checklist to lock down access, protect data, and maintain compliance with ISO 27001, SOC 2, NIS2, and GDPR.

19 Offboarding Actions You Must Take

Identity & Access

  1. Deactivate Google Workspace / Microsoft 365 account
  2. Revoke SSO (Okta, JumpCloud, etc.) access across all apps
  3. Reset all shared passwords they had access to (use a vault)
  4. Reclaim or rotate hardware security keys (Yubikeys, etc.)
  5. Remove from Slack, Notion, ClickUp, GitHub, Linear, etc.

Device & Endpoint

  1. Remote-wipe or lock laptops, phones, or tablets
  2. Reclaim devices and check for local files or backups
  3. Remove from MDM systems (Intune, Kandji, Jamf)
  4. Disable VPN or private network access

Data & Storage

  1. Reassign ownership of Google Drive / Dropbox folders
  2. Revoke access to shared folders, databases, internal wikis
  3. Check for unsynced cloud storage (e.g. local copies of sensitive data)

SaaS & Tools

  1. Audit last login + API activity logs for anomalies
  2. Deactivate access to developer tools (AWS, GCP, Vercel, GitLab)
  3. Revoke analytics / product tool access (Amplitude, Segment, etc.)

Communication

  1. Redirect or disable email, voicemail, and shared inboxes
  2. Remove from team calendars, mailing lists, and aliases

Compliance

  1. Log and timestamp offboarding event in audit trail
  2. Update your access review records (for ISO/SOC2/NIS2)

Bonus Tips

  • Use a central asset & access tracker — spreadsheets break quickly
  • Automate SSO-based removals via platforms like Okta or JumpCloud
  • Treat interns, freelancers, and vendors the same — full offboarding applies
  • Review offboarding logs monthly to catch misses

Book a free call

Let's find out how we can help you. No attachements, no lock-ins, no risk.
Book a call