While companies invest heavily in onboarding processes for new hires—issuing devices, granting access, and provisioning tools—their approach to offboarding often lacks the same discipline or urgency. This discrepancy, according to Chase Doelling, Principal Strategist at JumpCloud, poses a serious and growing security risk for modern enterprises.
In a recent conversation with Help Net Security, Doelling described how organizations, especially during mass layoffs or high-churn periods, are failing to revoke credentials and remove access privileges promptly. "When offboarding is rushed, IT teams may miss deactivating critical accounts, especially for employees with broad system access," Doelling warned. These lapses can leave sensitive systems exposed to both malicious intent and accidental misuse.
Improper offboarding is not just a failure to delete email accounts. It often means a former employee retains access to cloud applications, CRM systems, collaboration platforms like Slack, and even VPN credentials long after their final day. Some companies rely on manual checklists or siloed access control, and these methods often prove inadequate.
According to Doelling, former employees may retain access to accounts for days, weeks, or even months, especially in decentralized or hybrid IT environments. This vulnerability is particularly dangerous when offboarding happens at scale—such as during layoffs or organizational restructuring—when overwhelmed IT and security teams are simply unable to keep up.
"The risk isn't always about disgruntled insiders. It's about neglected credentials becoming entry points for external attackers," Doelling emphasized. In some cases, hackers have exploited credentials from former employees to launch ransomware attacks or steal sensitive intellectual property.
Addressing these challenges requires more than just policy: it demands automation, visibility, and cross-team collaboration. Experts recommend that organizations implement identity and access management (IAM) systems with automatic deprovisioning features. This ensures that once HR marks an employee as terminated, the system revokes all digital access in real time, without relying on manual inputs.
Additionally, regular audits of user access, strong privileged access controls, and integration between HR platforms and IT systems are now considered best practices. Cybersecurity frameworks like NIST and ISO 27001 also stress the importance of secure offboarding as part of a comprehensive security posture.
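One way to run the access audit described above, as an added example that is not code from JumpCloud or Help Net Security: it reconciles an HR roster against per-application account exports and reports accounts still enabled after the owner's last day, plus accounts with no HR record. The field names, application names, and all data are constructed assumptions.

```python
from datetime import date

# Constructed sample data: an HR roster and account exports from three apps.
HR_ROSTER = [
    {"email": "ana@example.com", "status": "terminated", "last_day": date(2024, 5, 3)},
    {"email": "raj@example.com", "status": "active", "last_day": None},
    {"email": "lee@example.com", "status": "terminated", "last_day": date(2024, 3, 15)},
]
APP_ACCOUNTS = {
    "vpn": [{"login": "Ana@Example.com", "enabled": True, "admin": False},
            {"login": "raj@example.com", "enabled": True, "admin": False}],
    "crm": [{"login": "lee@example.com", "enabled": True, "admin": True},
            {"login": "ana@example.com", "enabled": False, "admin": False}],
    "chat": [{"login": "lee@example.com", "enabled": True, "admin": False},
             {"login": "old.contractor@example.com", "enabled": True, "admin": False}],
}


def audit_offboarding(roster, app_accounts, today):
    """Return findings for enabled accounts that HR does not list as active."""
    by_email = {p["email"].lower(): p for p in roster}
    findings = []
    for app, accounts in app_accounts.items():
        for acct in accounts:
            if not acct["enabled"]:
                continue  # already deprovisioned in this app
            person = by_email.get(acct["login"].lower())
            if person is None:
                # No HR record at all: orphaned account that needs an owner.
                findings.append({"app": app, "login": acct["login"].lower(),
                                 "reason": "orphaned", "days_exposed": None,
                                 "admin": acct["admin"]})
            elif person["status"] == "terminated" and person["last_day"] < today:
                findings.append({"app": app, "login": acct["login"].lower(),
                                 "reason": "terminated",
                                 "days_exposed": (today - person["last_day"]).days,
                                 "admin": acct["admin"]})
    # Privileged accounts first, then longest exposure.
    findings.sort(key=lambda f: (not f["admin"], -(f["days_exposed"] or 0)))
    return findings


if __name__ == "__main__":
    for f in audit_offboarding(HR_ROSTER, APP_ACCOUNTS, date(2024, 5, 10)):
        print(f)
```

Logins are compared case-insensitively because applications often store the same address with different casing, which a naive join against the HR export would miss.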
Organizations must shift from viewing offboarding as an HR task to treating it as a mission-critical security procedure. Failing to do so leaves companies exposed to insider threats, compliance violations, and potential reputational damage.