IT PERSONNEL EXTRACTION

When a team member has the “keys to the kingdom” and they need to be removed from their position or terminated, an organization must work quickly to ensure the network is protected

AN EMERGING NEED

Executives are finding themselves in a dilemma. Many are currently unsure how they would regain control of their organization’s data and systems from technology team members who hold the “keys to the kingdom.” These team members, who control the network and technology systems, wield enormous power within the organization, because they can cause extensive harm or disruption if they desired to do so or felt they had reason to do so. There are many examples of when a leader may want to consider removing or terminating a technology team member. These include:

  • A loss of confidence in the individual or group
  • They have become toxic, because they were passed over for promotion
  • They show poor leadership
  • They have been insubordinate
  • They have been caught stealing data
  • They are suspected of reading the personal correspondence (e.g. email) of executives
  • They have been harassing staff
  • They have become too cozy with vendors, spending money they don’t need to

HOW TECHNOLOGY TEAM MEMBERS CAN HAVE A GRIP ON AN ORGANIZATION

These are some of the ways IT personnel wield immense influence over an organization and its network:

  • Privileged access to control systems (both physical systems and cyber systems)
  • Administrative access to systems
  • Possession of additional “shadow” accounts that executives may be unaware of
  • Sole access to critical network and routing configurations
  • Telecommunications control (Phone and internet)
  • 2FA Endpoints to control authenticating access
  • Software, platform, and infrastructure access credentials
  • Relationships with vendors and partners
  • Knowledge of weaknesses in the system
  • Friends / Cohorts in the organization

HOW WE HELP

We have developed a methodical IT Personnel Extraction process. This process is broken up into three stages: Pre-extraction, Extraction, and Post-Extraction. In each of these stages we have developed a step-by-step technique in addition to a checklist for properly safeguarding data and systems, fully withdrawing the access of a technology team member who is being removed from their position or terminated, and the proper analysis post-extraction so you can be certain that the individual can no longer cause harm to your systems.

IT Personnel Extraction Process & Checklist

We can offer your leadership a document that fully lays out our extraction process as well as a checklist so that you are able to quickly identify what you’ve done and what you still need to accomplish during the extraction.

Training

Our consultants can discretely train your leadership and / or key members of the organization on our IT personnel extraction process. Leaders will also be provided our process document and the checklist. The training could be valuable so leaders can ask questions and really understand the process.

Emergency Extraction Situations

In most cases, an extraction situation comes without warning and must be handled quickly and effectively. In these situations, we can get “boots on the ground” quickly to help your leadership team understand how the specific extraction should take place, help the organization remove the person’s access and control over the network, evaluate the network forensically for any holes that could be penetrated and help close them and then document the entire situation in case legal proceedings are necessary.