Suppose you arrive at work and all your server data has been deleted, because an ex-employee still had access to your system. This causes a lot of problems and can easily shut down your business for a long time. Not to mention possible claims and loss of customers. Would your business survive if your systems were down for an extended period of time?
Prevent fraud and errors
How did this happen? This has nothing to do with a hacker or ransomware (which are also real threats) but with not having internal procedures in place. Even if you have employees you trust completely, it is still important to have a good authorization structure. This will not only prevent fraud (which your employees will never do) but also errors because employees change things they don't know about with the best of intentions.
Take away the key
And then comes the time when you have to say goodbye to certain colleagues. Do your administrators follow a correct procedure that ensures that on the day of departure, the rights in all systems are also withdrawn? After all, this is just as logical and important as asking for the key to the office building back.
But also consider all kinds of temporary accounts: suppliers and consultants, accountants or temporary test accounts. They are often frequently present in the system with very extensive rights. Make sure that these accounts are no longer active than necessary for the work that is being carried out.
Number of employees vs. number of accounts
Put your employee list to the test and compare it to the login accounts of different systems. Differences? Then it's time to take action to tackle this systematically and take a good look at the procedures around authorization management. Before your business comes to a standstill...