• SimplifyIT
  • Posts
  • Former employees may still have access to your systems

Former employees may still have access to your systems

Author

Jared Peno
September 09, 2025

In partnership with

Your Biggest Security Risk Just Walked Out the Door

Sarah left your company six months ago. She turned in her laptop and badge. You think you're safe.

But she can still access your customer database from home.

I find this problem everywhere I go. Former employees with active accounts, shared passwords they never changed, and access to systems nobody remembers giving them.

It's not malicious. It's just sloppy. And sloppy IT security can destroy your business.

Season 5 Nbc GIF by The Office

Gif by theoffice on Giphy

How They Still Get In

Email accounts that never got shut down. Sarah's email is still receiving customer inquiries and vendor communications. She could be reading everything.

Shared passwords for "team" accounts. The marketing team shared their social media login with five people over two years. Three of those people no longer work there. The password hasn't changed.

Cloud storage access. That Google Drive folder with all your financial reports? Everyone who ever had the link can still see it. Even people who left years ago.

Software licenses tied to personal accounts. Your former bookkeeper set up QuickBooks under her personal email. Guess who still has admin access to your financial data?

VPN access that stays active. Remote access credentials that nobody thought to disable. Former employees can connect to your network like they never left.

Application-specific accounts. CRM systems, project management tools, file servers - each one potentially still accessible to people who shouldn't have it.

What Happens When This Goes Wrong

Best case: nothing. Former employees ignore the access and move on with their lives.

Worst case: sensitive data gets exposed, deleted, or held hostage. Competitors gain access to your customer lists. Financial information gets compromised.

I've seen businesses lose major contracts because former employees accidentally (or intentionally) shared confidential information they still had access to.

How Good IT Providers Handle This

Immediate account deactivation. The moment someone leaves, all their accounts get disabled. Email, network access, cloud storage - everything.

Complete access audit. We review every system and remove the departing employee from all shared accounts and folders.

Password changes for shared accounts. Any passwords the former employee knew get changed immediately.

Software license transfers. Accounts get moved to current employees or company-controlled emails.

Documentation updates. We maintain lists of who has access to what, so nothing gets forgotten.

Regular access reviews. Monthly audits to catch any access that shouldn't exist.

The Reality Check

Most businesses handle departures like this: collect the laptop, deactivate the main email account, and hope for the best.

That's not enough anymore. Every system, every shared account, every piece of software needs to be reviewed when someone leaves.

The best IT companies (like us) can automate access control and it becomes seamless through your HR process.

Your Action Plan

Start by listing everyone who left in the past year. Then check if they can still access:

  • Email systems

  • Cloud storage

  • Business applications

  • Financial software

  • Social media accounts

If you find active access, you have a problem that needs fixing today.

Don't let former employees become your biggest security vulnerability. Handle departures right, or hire someone who will.

Until next week,

—Jared 

Text Me: 314.806.3912

Ways To Work With Me

Alliance Technologies - Full service IT department for your business. We provide Security, Device Management, Helpdesk, and expert-level engineering for your technology projects.

Taligent - Personal recruiting for your next top-of-the-line team member. Oh, and we have excellent HR consultants for any people problems you may be facing.

1:1 Coaching - I love solving real-world growth and efficiency problems. I can personally assess your business needs and get you on the path of using the right technology so you can make more $$.

G.R.I.T. Anthology - Get inspired with many stories from Entrepreneurs with G.R.I.T. and read my starter story and how being resilient shaped my future as an entrepreneur.

If you’ve made it this far and aren’t yet subscribed, please consider supporting my work.

How 433 Investors Unlocked 400X Return Potential

Institutional investors back startups to unlock outsized returns. Regular investors have to wait. But not anymore. Thanks to regulatory updates, some companies are doing things differently.

Take Revolut. In 2016, 433 regular people invested an average of $2,730. Today? They got a 400X buyout offer from the company, as Revolut’s valuation increased 89,900% in the same timeframe.

Founded by a former Zillow exec, Pacaso’s co-ownership tech reshapes the $1.3T vacation home market. They’ve earned $110M+ in gross profit to date, including 41% YoY growth in 2024 alone. They even reserved the Nasdaq ticker PCSO.

The same institutional investors behind Uber, Venmo, and eBay backed Pacaso. And you can join them. But not for long. Pacaso’s investment opportunity ends September 18.

Paid advertisement for Pacaso’s Regulation A offering. Read the offering circular at invest.pacaso.com. Reserving a ticker symbol is not a guarantee that the company will go public. Listing on the NASDAQ is subject to approvals.

Reply

or to participate.