Blog
Recent
bg
Industry News

The Great Resignation and Its Impact on Data Security 

LastPassJanuary 11, 2022
The Great Resignation and Its Impact on Data Security 
The Great Resignation, as it’s being called, is having a profound impact on companies in the US and across the globe. Employees are leaving in droves, challenging HR and IT teams to manage a smooth offboarding and an uptick in onboarding of replacement hires.  When the pandemic hit hard, and companies had to pivot to a remote work set up, IT and HR teams had to work together closely to ensure a smooth and friction free experience for employees. Hard on the heels of the pandemic and we are facing another seismic shift, creating another moment for IT and HR to partner up. Let’s take a look at what's driving this mass exodus and why it's so different from previous dips in retention, along with the data and password security implications. We'll also explore how a password manager can protect businesses during this unprecedented moment in the labor market. 

What's driving the Great Resignation

The pandemic has caused millions of people to fundamentally re-evaluate their work and life priorities. Many employees have been unable to find affordable childcare, which has made it incredibly challenging for them to balance work with family obligations. Other employees have become frustrated with their workplace conditions, and, amid the extraordinary pressures of a once-in-a-century global health crisis, they have decided that they need to make a change. Some employees have become accustomed to working from home, and they don't want to return to the office.  The war for talent is fierce right now and companies are offering ever more competitive salaries and benefits to attract talent. Add the rise in inflation and many employees are moving for purely economic reasons. Whatever their reasons for departing, the constant loss of colleagues can have a knock-on effect on those “left behind” who have to cover the workload, causing more frustration and burnout and accelerating the Great Resignation even further.

Turnover is at historic highs 

According to the US Bureau of Labor Statistics, more than 4.4 million Americans voluntarily quit their jobs in September 2021. The prior month was similarly high at 4.3 million, the highest numbers on record since the government began keeping track. This attrition is impacting every industry and is not limited to the US. A lack of workers in the UK, per the BBC, is leading to shortages in multiple areas from toys to turkeys to trees, causing many to have to rethink their Christmas plans. According to Harvard Business Review, the tech and healthcare sectors have been hit hard and other data shows how retail and hospitality have been running below capacity for many months.  There is no sign of an ending any time soon. Recent research from the Society for Human Resource Management (SHRM) indicates that over 40% of U.S. workers are actively searching for a new job right now, or plan to do so in the near future. That's twice the rate that businesses saw in 2019. Forty-nine percent of US executives say that their organization has seen higher or much higher turnover than usual during the past six months. With this ongoing flow of employees out the door, HR teams have a full plate, working with hiring managers to attract new talent into the company and finding short term solutions to balance workloads and prevent more burnout. With a focus on finding talent and keeping the business running, there may not be a spare moment to think about data security.  It is time well spent, however, as the increased volume of resignations has some serious cybersecurity implications.

The Great Resignation and data security

Many businesses were caught off guard when hackers took advantage of the sudden shift to working from home, launching phishing campaigns and making off with valuable data. Now that employees are quitting en masse and HR teams are focused on addressing retention, engagement, and productivity challenges, bad actors are looking for vulnerabilities they can capitalize on while employers are distracted. As Security Intelligence reports, sudden waves of resignations can create process bottlenecks, overwhelming the IT and security teams that are charged with offboarding employees. They must carefully review all the identity and access privileges associated with each former employee, terminating or adjusting permissions where appropriate and properly preserving sensitive data. It may not be as easy to collect a badge or a mobile device in-person as it once was. If the employee was doing work that an entire team depended on, the company may need to ensure that the team still has access to that data or application. All of these tasks can be time-consuming even in the best of circumstances, to say nothing of handling them in high volume and often short notice. If IT and security do not offboard employees in a timely fashion, the business will be vulnerable to external and internal threats. These threats are especially consequential when it comes to key employees who have privileged access to systems and data. 

How to securely offboard employees after they resign

At a minimum, HR teams should review existing offboarding processes alongside their IT and security colleagues to see if they properly account for these security risks and refresh them where appropriate. If some of your employees are working remotely, these processes likely need to be updated. Given the role of password security in the work-from-anywhere world, it's wise to pay special attention to identity and access management concerns. At times like these, it's a good idea to make sure you have tools in place that streamline offboarding as much as possible.  A password manager like LastPass keeps your business safe by ensuring that employees are securely offboarded when they leave your company. After an employee has resigned, an administrator can go to the admin console and disable, delete, or remove that user as appropriate. Disabling a user puts a lock on their account, preventing anyone else — including an administrator — from logging in as them. Removing a user disassociates their LastPass account from your company, and you can choose to either allow or forbid access to shared company sites and folders if you wish. Deleting a user fully deletes the user's Vault and all information within their LastPass account and is a permanent step that cannot be undone.  An administrator can also choose to reset an employee's master password if the right policy is in place, locking out the original account owner while still allowing admin access. This may be useful for audit purposes or terminating accounts that the employee once had access to, and it also allows you to reassign the account to another employee if desired. Single sign-on (SSO) tools can help automate the process of offboarding cloud applications and quickly revoke access to key applications, lightening the load for the IT and security teams.

Security for the business and a frictionless experience for employees

Of course, you're also looking for ways to make life easier for the employees who are currently working at your company. A password manager simplifies the process of securely logging into online accounts from any device or location, relieving employees of the burden of mentally managing passwords on their own. Because a password manager teaches your employees proper password hygiene, it's also an excellent way to make cybersecurity education a priority for your business. You could also offer LastPass Families as a benefit, empowering employees and their families to live and work securely from anywhere. This will help your employees secure their families' personal data at a moment when professional and personal lives are merging at an unprecedented rate. Your employees will appreciate having greater peace of mind both at work and home, knowing they have the tools they need to protect themselves and their children from cyber threats. While there will an end to the Great Resignation at some point, investing time now in implementing great offboarding practices will help HR and IT teams stay ahead of sensitive data challenges now, and long into the future. Learn how LastPass improves data security without compromising ease of use.