Martin Baldock points out that as redundancies become more common, securing company assets, reputation and intellectual property becomes of greater importance. Here he gives management a checklist to help them protect the company.

Set out below is a checklist of steps that should be taken as soon as the employee is notified of their redundancy, or indeed as soon as possible after a resignation:

• Where the employee is being removed from the workplace, accompany them at all times until they leave the premises
• Ensure the employee surrenders all company-owned laptops, notebooks, PDAs (personal digital assistants), mobile telephones or any other electronic devices, access control devices or tokens assigned to him, as soon as informed of his dismissal/suspension. It is important to ensure that the employee is not given an opportunity to 'tamper' or wipe such devices clean before returning them
• Inform the IT department that the employee's computer accounts should be deactivated immediately, including any remote access and database accounts
• Particular care is needed where the disaffected employee is a network or systems administrator. Such employees may implement unauthorised 'back doors' into the systems that they administer or maintain, which they may use to obtain remote access regardless of whether their official dial-in account is deactivated
• Home working and remote users pose additional risks and difficulties, all the more so if employees use their own computers, PDAs, mobile telephones or other devices to connect to company networks
• The return of any company equipment used at home should be done in the presence of the employee at the earliest possible opportunity, and preferably on the day of his being notified of his redundancy/dismissal/suspension. There is an issue, certainly in the UK, where there is need for a consultation period prior to an employee actually leaving the company; this is a high-risk time and companies should be particularly vigilant during this period. The employer should always retain proof of purchase to prevent disputes about ownership
• Check whether the employee's internet or broadband service is being funded, as you may wish to terminate any such arrangement
• Ensure data from all computer systems (including laptops etc.) is secured in a forensically sound manner. The data need not necessarily be reviewed but it should at least be archived in the event that the employee brings a tribunal claim
• Ensure remote access server and network audit monitoring are effective to record any attack on the systems – without audit trails and event logging, it will be difficult to prosecute for computer misuse
• Security passes should be deactivated and returned, but in some cases it may also be appropriate to advise security staff and receptionists that the employee is to be denied access
• Telephone answering systems and voicemail should also be secured against tampering or the unauthorised re-recording of answer messages

Read: Protecting company assets when employees leave [1]

Martin Baldock is general manager at Stroz Friedberg UK. It is a leading technical consulting and services firm specializing in digital forensics, electronic discovery, data breach and online fraud incident response, and commercial investigations.