Q&A with Jeff Tujetsch: How to minimize risks when an employee leaves

Employees don’t stay in one job forever; it’s a certain fact of work life. For the IT manager, an employee transition, voluntary or involuntary, can be a file management nightmare. Sherpa Software’s Jeff Tujetsch offers practical tips to navigate and troubleshoot employee turnover. 


What’s the rule of thumb for how long to keep files from an employee’s computer after they leave?

JT – It must depend on the regulations that govern the company’s retention policy. If there are no regulations, it should be a decision made at the department head level. For instance, a ma­nager may want to keep a former employee’s messages for a year. You also have files that exist directly on the laptop/desktop, but also server-based data (e.g. email, calendar, files, etc.).

What are the most critical differences to consider from an IT perspective on how to handle files/employee accounts when leaving is voluntary vs. involuntary?

JT – They should be very similar. A manager should be concerned about the data, but also physical security (e.g. keys, access codes, credit cards, account access, etc.).

Here are some of the things that I would always check when someone leaves:

1. Who should be forwarded any new messages?

2. Who should have access to the current data?

3. Who (if anyone) is taking their place?

When a person is terminated involuntarily, here are the most prevalent concerns:

1. What damage (data) did they do without anyone knowing?

2. Did they expose internal information?

3. Did they compromise intellectual property?

Are there software products that can make life easier for the IT professional in charge of this process?

JT – There are some steps to take to make certain data remains intact after someone leaves, with primary emphasis on email. If a company is not currently journaling (keeping a copy of every message in a secured location) and an employee deletes the only occurrences of specific messages (without anyone knowing) there may be severe implications. Messages and critical evidence can be permanently lost.

With Compliance Attender, every message that is sent or received is stored in a secure location. Users are able to perform any action (delete, etc.) on their messages without affecting the discoverable information, because users don’t have access to the secured data.

With Discovery Attender, all journals produced by Compliance Attender are easily searchable and produce a full set of data to match designated criteria.

Jeff Tujetsch is a Senior Vice President with Sherpa Software.

Leave a Reply

Your email address will not be published. Required fields are marked *