Share this post:

When an employee leaves a company, it’s important to remove their access to secure important information that could get leaked.

Whether the departure was voluntary or involuntary, failing to revoke their access to software and accounts can increase the chance of facing risks like data breaches, intellectual property loss, data theft, and regulatory non-compliance.

In this article, we’ll explain the importance of removing access for terminated IT employees and provide a checklist to help you make this process easier.

Why You Need to Remove Employee Access

Some terminated employees, like those who have been let go under unfavorable circumstances, may seek retribution against the organization or company.

Assuming they still have access to sensitive information, systems, or physical premises, they may cause harm, either intentionally or unintentionally.

If you fail to remove access immediately after terminating an employee, it can lead to compliance issues, as many industry regulations and data protection laws mandate timely access revocation upon employee termination.

Removing Access for Terminated Employees Checklist

co workers in office
Source: Freepik

1. Immediate Actions

As soon as an employee’s termination is confirmed, initiate the access removal process. Disable the employee’s account, revoke system privileges, and collect any company-issued devices or physical access credentials.


  • To prevent delay, use automation tools like ezOnboard to trigger the deactivation of user accounts immediately upon confirmation of termination.
  • To prevent data breaches or loss, create a protocol for quickly retrieving company-issued devices on an employee’s last day.
  • Schedule a swift meeting between the human resources team and the IT department to review the employees’ access levels and ensure that all necessary deactivations are initiated.

2. Accounts and Credentials

Find all accounts and credentials associated with the terminated employee, including local and network accounts, cloud services, corporate applications, and email accounts. Reset passwords or disable these accounts to prevent unauthorized access.


  • Automate tools to generate a complete list of all accounts and credentials the employee has access to so nothing is overlooked.
  • Implement batch processing to deactivate multiple accounts simultaneously.
  • Review and update any shared password vaults or management systems to ensure the terminated employee’s access is completely removed.

3. Security Protocols

Review and update security protocols to see if the terminated employee cannot bypass access controls or exploit vulnerabilities. This may include changing encryption keys, revoking digital certificates, or updating firewall rules.


  • Conduct a security assessment to identify potential vulnerabilities exposed by the termination and address them promptly.
  • Regularly update and review encryption keys and digital certificates, especially after termination, to prevent unauthorized access.
  • Adjust firewall rules and network access controls to reflect the termination.

4. Physical Access

Deactivate the terminated employee’s physical access credentials, such as keycards or biometric identifiers. Update access control lists and make sure that the individual cannot enter restricted areas or premises.


  • Check if physical access systems are integrated with HR databases to revoke access upon termination automatically.
  • Conduct a physical security audit to ensure all access points are secure and no backdoors are left accessible.
  • Change access codes or reissue keycards for sensitive areas as needed, particularly if the terminated employee had access to important or secure areas.

5. External Services and Partners

Notify external service providers, vendors, or partners with whom the terminated employee may have had access or shared credentials. Request that their user access be revoked or their credentials reset.


  • Use centralized access management for external services access to quickly revoke permissions without needing to contact each service provider individually.
  • Establish a standard procedure for notifying external vendors and partners about terminations to ensure timely access revocation.
  • Review and secure any accounts that were shared with external parties so that the terminated employee can no longer access them.

6. Documentation and Compliance

Document all actions taken to remove the terminated employee’s access, ensuring compliance with relevant industry regulations and internal policies. Maintain accurate records for auditing purposes.


  • Use tools that automatically log and report the deactivation of accounts and access rights for compliance purposes.
  • Schedule regular reviews of compliance documentation to make sure that all termination procedures are correctly documented and up-to-date.
  • Maintain detailed audit trails of access removal activities, including timestamps and responsible parties, for auditing and compliance verification.

Remove IT Access Automatically with EzOnboard

EZ onboard connects active directory to your HR system

Here’s why ezOnboard can make things easier when it comes to removing access for terminated employees:

Automated Deactivation of Accounts

Immediately upon an employee’s termination being recorded in the HR system, ezOnboard can automatically trigger the deactivation or deletion of the employee’s Active Directory (AD) account.

Revocation of Access Rights

ezOnboard makes sure that all specific access rights and permissions associated with the terminated employee are revoked.

This includes access to internal assets and systems, applications, databases, and any other resources the employee had permission for, thus securing sensitive company or client data.

License Reclamation

The software automates the process of reclaiming any software licenses that were allocated to the terminated employee.

License reclamation helps optimize the company’s SaaS spending and also ensures that unused licenses are promptly available for reallocation to other employees or new hires.

Customizable Offboarding Workflows

Organizations can configure ezOnboard to follow custom offboarding workflows that align with their internal policies and procedures.

Having a customizable offboarding workflow allows for the addition of specific steps that might be required for certain roles or departments, resulting in a comprehensive and compliant offboarding process.

Consistent Application of Policies

By automating the offboarding process, ezOnboard will ensure that company policies regarding terminated employees are consistently applied.

This uniformity is important for maintaining compliance with regulatory requirements and internal security policies.

Reporting and Audit Trails

ezOnboard provides detailed reports and audit trails of all actions taken during the offboarding process.

Reporting and auditing are part of regulatory compliance, as they allow organizations to demonstrate that access rights were properly revoked in accordance with company policies and legal requirements.

Enhanced Security and Risk Management

Automatically removing access for terminated employees minimizes the risk of data breaches and other security incidents that can occur when ex-employees retain access to company data and systems.

It guarantees that sensitive information remains secure and that the company’s IT environment is tightly controlled.

Woman moving out of office
Source: Freepik

Automate Your IT Offboarding Today

Simplify your offboarding process with ezOnboard! In addition to providing a seamless offboarding experience, your former employees will be removed from IT immediately.

Request a demo or check the ROI calculator to see how much money ezOnboard can save you.

FAQs About Removing Access for Terminated Employees

How do you ensure that all remote access is fully revoked for terminated employees?

Immediately disable all remote access credentials and terminate VPN privileges to prevent any unauthorized entry.

What steps are taken to remove a terminated employee’s network access?

Network access is revoked by disabling user accounts and removing them from all access groups within the network.

How do you handle ongoing access management after an employee has been terminated?

All pending and future access requests for the terminated employee are canceled, and their data access rights are fully removed.

Share this post:

ezOnboard ROI Calculator

See how much you can save on IT onboarding and offboarding with ezOnboard