Follow this guide to make sure you remove the risk of a former employee with bad intentions from accessing your critical business data.
Just fired an employee? Don’t stop at taking their laptop and changing their email password. If you care about security, that’s not enough, as their phone most likely still has access. Their browser might autofill your CRM, and there might be shared tools, notes, and even passwords that you don’t know about. The best approach is to scrub everything.
We put together this checklist to help you get started.
Start with the obvious:
- Disable their company email and user accounts (Google/Microsoft/SSO)
- Revoke access to synced apps (chat tools, cloud storage, CRM, project
management tools) - Log out all active sessions
- Remove their device(s) from MFA (authenticator apps, SMS, backup
Then check what people usually miss:
- Remove access from personal devices (phones, tablets with company apps)
- Clear saved passwords and tokens in shared browsers or password managers
- Unlink from shared calendars, notes, drive folders, and internal wikis
- Check integrations or API tokens tied to their user profile
- Audit shared inboxes, forwarding rules, and email auto-logins
- Remove them from any informal team chats (e.g., WhatsApp, Telegram and Signal)
- Review physical access (keys, door codes, ID cards)
Document the offboarding process to improve next time.
If this helped, pass it on to a business that just let someone go.