How to prevent security risks during employee offboarding

If you resonated with the challenge of balancing payslip distribution with actual security, you're not alone. The 'password in a separate email' ritual is a clear sign that the tools we use are failing the modern security test. We need to stop accepting "good enough" for documents that contain sensitive personal data and salary information. The shift is from attachment to architecture. HeyLuna isn't just a platform; it's a dedicated security framework for your employees' financial documents. We replace the scattergun approach with: 🔒 Proper Access Control: Moving beyond two-step emailing to true MFA-secured access. 📂 Single Source of Truth: Centralising documents to eliminate data sprawl across inboxes. 💡 Intelligent Clarity: Using AI to explain complex payslip items, reducing helpdesk load and improving trust. The payoff? A robust security posture and a superior employee experience. #PayrollSecurity #HRTech #ePayslips #EmployeeExperience #DigitalTransformation

🚨 The hidden cost of the "Day 1 scramble." That exciting new hire shows up, ready to go... only to find their laptop isn't ready, their accounts aren't created, and they spend their first 4 hours sitting idle waiting for IT. This isn't just awkward—it's expensive. Slow, inconsistent, and manual device provisioning creates: ➡️Loss of Productivity: Valuable employee time wasted waiting. ➡️Security Gaps: Manual setups often skip critical security baselines (firewall, encryption, etc.). ➡️Help Desk Overload: The first week is full of tickets like "I can't access the shared drive." The question for leadership: How much is the friction between HR, Procurement, and IT costing you in lost productivity and security risk? Most companies have a checklist. Few have a measured, repeatable process. I've been working on a framework to eliminate the 'Day 1 scramble' for good. More on this Monday. #ITSupport #SysAdmin #OnboardingFails #TechLeadership #ZeroToProductivity

👏 Kudos to Mike for shining a light on an area in cybersecurity that is far too often overlooked, the offboarding of ICT equipment. CISOs and IT teams rightly invest heavily in securing new devices and onboarding processes. But what happens when these devices reach the end of their lifecycle? Often, not enough. The mindset must shift: securing offboarded assets should carry at least the same priority as onboarding new ones. Otherwise, we’re leaving the back door wide open, and that’s a risk no business can afford to ignore. And the truth is that today's standard solutions don't cover this well enough. Most tools were built for live operations, not the quiet, dangerous moment when a device slips out of production. Mike nails the point: deep deletion is not a luxury - it’s a necessity. There are technologies emerging that close this gap and offer true end-of-life security, quietly solving one of cybersecurity’s most ignored threats. It’s time we shift focus and treat offboarding with the urgency it deserves. The article is well worth the read, #CyberSecurity #DataErasure #ICTManagement #CISO #RiskManagement #Offboarding #AssetSecurity #Compliance #EndOfLifeSecurity #DeepDeletion #Infosec #Secloud

Want tighter control over who can see whose HR information in Dayforce? Dayforce has a built-in control called People Role Security that decides who can see whose HR information. It can limit visibility between roles, down to feature-level access in People, Mobile, and even Timesheets. Most admins never touch it, but understanding how it works can completely change how you manage confidentiality and access in your system. I’ve put together a short mini-guide that explains exactly how it works and how to set it up safely. Perfect for new admins who want to avoid permission headaches later.

A CISO friend sent this to me today — and it’s such a perfect reminder of why HR and InfoSec should be best friends. In this case, the attacker got into employee accounts, created inbox rules to hide Workday alerts, and quietly redirected paychecks to their own bank accounts. Simple. Sneaky. Expensive. Here’s the thing: this could have been stopped before the money moved. HR (and especially HR Tech/Ops) can also be a line of defense when the tech stack is closely partnered with enterprise security. Network monitoring catches breaches after the fact — but smart operational guardrails can serve as critical prevention mechanisms as well. A few simple Workday (and most HRIS systems) controls that make a big difference: 1. Flag duplicate bank account numbers. This can be done a few ways but easiest would be to build a quick custom report that surfaces any repeated account numbers across employees BEFORE processing payroll and moving money. Workday path: Create Custom Report → Bank Account Number field → group + count → flag if count > 1. Spouses sharing an account? Fine. Two “random” employees? Not fine. 2. Turn on notifications for banking info updates. Set up alerts so HR Ops or Payroll get a notification whenever someone changes direct deposit info. Workday path: Business Process → Payment Elections Change → add Notification or Approval step (especially close to payroll). I don't recommend an approval - that slows down the business and is non-value add IMO. But, one quick email/inbox item could stop a lot of pain. 3. Watch for inbox rules that hide alerts. Coordinate with InfoSec to detect when employees have rules deleting Workday or Payroll emails. M365/Google tip: Create detection policies for auto-delete rules containing payroll keywords. #HR and #InfoSec aren’t separate silos. They’re #partners in protecting people and paychecks. If your HR team isn't working closely with InfoSec or vice versa, push them to start! #workday #workdaypayroll #infosec #employeeprotections #hroperations #hrtechnology #cybersecurity Credit to the original post on X: https://lnkd.in/gUc3bwTM

Remote work created a security gap most companies still haven’t closed. When an employee leaves, that corporate laptop instantly becomes a compliance risk. Here’s what the best IT teams do differently: 1️⃣ They don’t email return labels or rely on employees to handle shipping. They control the process from day one with a prepaid, pre-packaged return kit. 2️⃣ They don’t guess. They track every asset from the moment it leaves the employee’s hands until it’s physically back on site. 3️⃣ They don’t let laptops pile up in a closet. Each one gets a clear next step — evaluate for disposal or reprovisioning, then securely store or responsibly dispose. Every hour a device is “in limbo” is an hour your company is exposed. If you’re looking to strengthen your process or relieve the burden on your IT team.. Retriever can help. 🐶 🔗 Learn more: www.helloretriever.com 📅 Schedule a demo: bit.ly/428PwoF #EmployeeOffboarding #RemoteWork #LaptopRetrieval #Retriever #RemoteIT #LaptopReturns #IAITAM #ITassetmanagement #devicereturns #DeviceRetrieval

Navigating E-Verify During the Government Shutdown: What Employers Need to Know As of September 30, 2025, E-Verify and all related customer support systems are temporarily unavailable due to the federal government shutdown. That means no new cases can be created, no accounts accessed, and no Tentative Nonconfirmations (TNCs) resolved until the system is restored. While this pause creates real operational challenges, the Department of Homeland Security (DHS) has provided the following guidance: + Three-Day Rule Suspended – Employers will not be penalized for missing the E-Verify case creation deadline during the shutdown. + Form I-9 Still Required – You must still complete Form I-9 within three business days of an employee’s start date. + Remote I-9 Procedures Continue – Authorized employers may keep using remote verification options. + Extended Timelines for TNCs – Employees will have additional time to resolve mismatches once the system returns. + Federal Contractors – Check with your contracting officer for any revised deadlines. What Employers Should Do Now: + Keep completing Form I-9s as usual. + Document your efforts to comply once E-Verify is back online. + Avoid delaying start dates or taking action against employees with pending cases. + Watch the official E-Verify site for system status updates. If you need help to stay compliant in these extraordinary times, Peoplyst stands ready to assist. Contact us today.

The Unsung Backbone of Every Organization: IT Service Desk & System Administrators 🫡 In today’s hyper-connected workplace, seamless technology isn’t a luxury — it’s a lifeline. Yet behind every stable system, every quick recovery, and every “It’s working now,” stands a team that rarely seeks the spotlight: the IT Service Desk and System Administration professionals. Their day-to-day is a mix of technical triage and digital diplomacy — balancing complex infrastructure, tight SLAs, cybersecurity vigilance, and, of course, the endless stream of “urgent” tickets. From pre-dawn system checks to late-night troubleshooting, these professionals ensure that: Operations never stall, even when systems falter. Business continuity remains unshaken. Every user — from intern to executive — stays connected, secure, and productive. It’s not just about fixing issues; it’s about enabling business performance, building trust, and ensuring resilience across the digital enterprise. So here’s a thought: the next time everything in your IT ecosystem “just works,” pause for a moment — because that quiet efficiency is the signature of your Service Desk and Admin teams doing their best work. To all IT professionals behind the scenes: your impact is immense, your value immeasurable, and your resilience unmatched. #ITLeadership #ServiceDesk #SystemAdmin #DigitalResilience #ITProfessionals #TechnologyEnablement

What if you could cut your remote-work security risk by 40% in 30 days without buying new hardware? Here’s the challenge: Take just 30 minutes this week to review 3 things in your organization: - MFA Coverage: Is multi-factor authentication enforced on all critical apps (email, CRM, payroll)? - Password Manager Usage: Does every staff member (yes, including volunteers and interns) use a secure password manager instead of sticky notes and browser autofill? - Offboarding Checklist: When someone leaves, how quickly are their accounts fully disabled across systems? If all three are airtight, you’re ahead of 90% of the remote and hybrid organizations I talk to. If not, that’s your fastest path to cutting security risk without opening your wallet for new equipment. My question to you: which of these three feels like the biggest gap in your org right now? #TechAdvisor #JTaaS HostPoint Solutions Inc

Your policies are only as good as people's ability to follow them. But here's the reality check: that 47-page employee handbook sitting in someone's email from six months ago? Nobody's reading it. The updated security protocols buried in a shared drive? Half your team doesn't know they exist. When policies are hard to find, outdated, or scattered across platforms, compliance becomes accidental rather than intentional. AllyMatter's Policy Management System ensures your guidelines actually guide: > Centralized policy library with instant search capabilities > Automatic notifications when policies are updated > Clear acknowledgment tracking for compliance requirements > Role-based access so people see only what's relevant to them The best policy in the world is worthless if your team can't find it when they need it. AllyMatter: Making policy compliance effortless, not accidental.