Zombie

Return of the Zombie

SHARE

Carl Mazzanti is the president of eMazzanti Technologies in Hoboken.

Carl

I was working in the lab

Late one night

When my eyes beheld

An eerie sight

 

Monster Mash – Bobby “Boris” Pickett

Nobody wants to be around a zombie, especially in October as Halloween draws closer. But here is a spooky thought: your business may be a breeding ground for them.

In a previous NJBIZ column, we warned about the Cyber Security threat posed by zombie, or past-due, “phantom records” and vendor accounts. However, business owners and other entrepreneurs should be aware that offboarded employee email and other unused zombie accounts can also be at risk. It is a chilling thought: your company’s former assets are now turning into liabilities. Fortunately, an experienced Cyber Security consultant can help.

The challenge starts with a gap in the actions companies routinely take when an employee exits, voluntarily or otherwise:

  • The employee will have to turn in their keys or ID cards and any other accessibility assets.
  • They turn in any mobile device, laptop, or other electronic equipment.
  • They turn in any corporate credit cards.
  • Depending on their position, the employee may be asked to sign a nondisclosure agreement.
  • Depending on the circumstances, the employee may be searched to be sure they are not leaving with sensitive materials.

But what about their email account(s), lead source and other subscriptions, and registered domain names? It is not unusual for companies to maintain an ex-employee’s email address and simply redirect it to another existing employee’s email account. While this enables the successor employee to keep up with the ex’s business correspondence, it also opens up another path for phishers and hackers to penetrate the company’s Cyber defenses.

Ditto with the ex-employee’s subscriptions. When companies reduce headcount and reallocate email accounts, they’re actually creating more “busy work” for existing employees, who now have to dig through a higher volume of emails, many of which are spam.

Zombie

In fact, nearly one-third of a worker’s day is spent digging through emails, according to published reports; and 45% to 85% of the emails are spam anyway. So besides opening an additional attack vector, these zombie email accounts act as time burglars, eating away at employee productivity.

The zombie email problem is not limited to ex-employee accounts – it extends to ties with zombie vendor, supplier, and customer accounts too. When a vendor, supplier, or customer closes a shop, for example, their domain name may still be active but could be under the control of a bad actor who now has access to your company’s email or other portal.

Savvy business owners, however, can exorcise these Zombie accounts. One step is to have managers periodically go through email and other accounts to prune the deadwood. Do you have customers, vendors, or others that you know are out of business? Shut down the account or take it off your “whitelist” of approved emails.

Are you forwarding emails from an ex-employee to active employees? Review the emails and determine which ones are from legitimate partners, then reach out and give them updated contact information for the active employee taking over the relationship. Then, after making sure you are keeping good backup records in the cloud, go ahead and shut down the ex-employee’s email account.

Do the same for any lead generation or other accounts the ex-employee had signed up for. And finally, going forward, do this kind of pruning a lot faster. Many businesses wait 90 days or more to begin addressing the challenge of an ex’s email and other accounts, but that is way too long. Instead, try to start the pruning process within 24 to 48 hours of an employee’s departure.

Trimming this kind of fat is good for a company’s health. It can boost productivity and add another barrier against zombies and other bad actors. And it is a lot more effective than garlic or wolfsbane.

MXINSPECT Email Defense

Complete Defense Against Today’s Email Threats

eCare Cloud Backup

Unlimited Backup and Data Protection

Free Cyber Security Assessment

The time is NOW to begin planning your Cyber Security Strategy

UPCOMING VIRTUAL EVENTS

Demystifying Cyber Security for SMBs

sb-cyber-security-master-class

The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.

SESSION 4: Cyber Security Strategy
Watch On-Demand

SESSION 5: Cyber Insurance & MFA
Watch On-Demand

SESSION 6: Threat Detection | JAN. 15

Microsoft Copilot
Master Class Workshop

sb-microsoft-copilot-master-class

eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.

In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.

RESOURCES

Cyber Security Awareness Hub

sb-Cyber-Security-Awareness-Hub

Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.

We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.

Resource Library

sb-resource-library

Insights to help you do what you do better, faster and more profitably.

> Tips to Stay Protected Against Phishing Attacks

> Understanding Ransomware 

> The 6 Known Wi-Fi Threat Categories Targeting Your Business and How to Defend Against Them

> Practical Advice for Avoiding Phishing Emails

Recent Articles

NEWSLETTER

Categories