Blog

Return of the Zombie

Carl Mazzanti is the president of eMazzanti Technologies in Hoboken.

I was working in the lab

Late one night

When my eyes beheld

An eerie sight

 

Monster Mash – Bobby “Boris” Pickett

Nobody wants to be around a zombie, especially in October as Halloween draws closer. But here is a spooky thought: your business may be a breeding ground for them.

In a previous NJBIZ column, we warned about the Cyber Security threat posed by zombie, or past-due, “phantom records” and vendor accounts. However, business owners and other entrepreneurs should be aware that offboarded employee email and other unused zombie accounts can also be at risk. It is a chilling thought: your company’s former assets are now turning into liabilities. Fortunately, an experienced Cyber Security consultant can help.

The challenge starts with a gap in the actions companies routinely take when an employee exits, voluntarily or otherwise:

  • The employee will have to turn in their keys or ID cards and any other accessibility assets.
  • They turn in any mobile device, laptop, or other electronic equipment.
  • They turn in any corporate credit cards.
  • Depending on their position, the employee may be asked to sign a nondisclosure agreement.
  • Depending on the circumstances, the employee may be searched to be sure they are not leaving with sensitive materials.

But what about their email account(s), lead source and other subscriptions, and registered domain names? It is not unusual for companies to maintain an ex-employee’s email address and simply redirect it to another existing employee’s email account. While this enables the successor employee to keep up with the ex’s business correspondence, it also opens up another path for phishers and hackers to penetrate the company’s Cyber defenses.

Ditto with the ex-employee’s subscriptions. When companies reduce headcount and reallocate email accounts, they’re actually creating more “busy work” for existing employees, who now have to dig through a higher volume of emails, many of which are spam.

In fact, nearly one-third of a worker’s day is spent digging through emails, according to published reports; and 45% to 85% of the emails are spam anyway. So besides opening an additional attack vector, these zombie email accounts act as time burglars, eating away at employee productivity.

The zombie email problem is not limited to ex-employee accounts – it extends to ties with zombie vendor, supplier, and customer accounts too. When a vendor, supplier, or customer closes a shop, for example, their domain name may still be active but could be under the control of a bad actor who now has access to your company’s email or other portal.

Savvy business owners, however, can exorcise these Zombie accounts. One step is to have managers periodically go through email and other accounts to prune the deadwood. Do you have customers, vendors, or others that you know are out of business? Shut down the account or take it off your “whitelist” of approved emails.

Are you forwarding emails from an ex-employee to active employees? Review the emails and determine which ones are from legitimate partners, then reach out and give them updated contact information for the active employee taking over the relationship. Then, after making sure you are keeping good backup records in the cloud, go ahead and shut down the ex-employee’s email account.

Do the same for any lead generation or other accounts the ex-employee had signed up for. And finally, going forward, do this kind of pruning a lot faster. Many businesses wait 90 days or more to begin addressing the challenge of an ex’s email and other accounts, but that is way too long. Instead, try to start the pruning process within 24 to 48 hours of an employee’s departure.

Trimming this kind of fat is good for a company’s health. It can boost productivity and add another barrier against zombies and other bad actors. And it is a lot more effective than garlic or wolfsbane.

MXINSPECT Email Defense

Complete Defense Against Today’s Email Threats

eCare Cloud Backup

Unlimited Backup and Data Protection

Free Cyber Security Assessment

The time is NOW to begin planning your Cyber Security Strategy

eMazzanti Technologies

Recent Posts

Implementing Anti-Spoofing Rules for Email Protection

Increasingly, email communication is playing a pivotal role in business operations, facilitating collaboration, customer engagement,…

11 hours ago

The Comprehensive Benefits of MSP Management for Servers, Exchange, O365, VPN, and Networks

As the digital landscape evolves, businesses of all sizes face the challenge of managing complex…

11 hours ago

Cost-Benefit Analysis of On-Premises Network/Server Infrastructure vs. Azure-Based Cloud Infrastructure

In the evolving landscape of information technology, businesses constantly seek the most efficient and cost-effective…

11 hours ago

The Importance of Rigorous Security Protocols: MFA, VPN, Password Strength, and MSP Management

In an increasingly digital and interconnected world, the importance of robust security protocols cannot be…

11 hours ago

Robust Cybersecurity is Vital for Small to Medium-Sized Businesses

In today’s digital age, cybersecurity is no longer a luxury or a concern solely for…

13 hours ago

Understanding Your Printer

Printers are essential tools in both personal and professional settings, yet many people are unaware…

1 day ago