"Almost all business applications have some level of user ID and password security, and then, once you're in, you're in," he says. But with a tracking system, when a user goes into a database, everything that he does there is recorded -- and potentially reported to law enforcement, van Wyk explains.
Part on good terms, but plan for bad times. Jones recommends that even if a layoff goes smoothly with no apparent disgruntlement on the part of the employee, a company should still collect evidence of its own due diligence in case there's some sort of investigation in the future.
That's because companies that experience any kind of security breach, including the theft of data by a laid-off employee, must be able to show that they took all possible precautions and measures to protect that data.
Specifically, Jones says companies should take forensic images of departing employees' laptops, so they're available if an investigation is launched. (A forensic image is a copy of a computer's hard disk.)
"Usually, when something bad happens, it doesn't happen right away," Jones explains. In fact, it can take six, 12 or even 24 months before it comes to light. Yes, there is the added expense of taking the image, he says, but you have to offset that with the potential cost of litigation.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.