# Employee Offboarding External services that need to be deactivated or disabled when an employee is offboarded. ### All Empoyees - [Active Directory](#) - [LastPass](#) - [Slack](#) - [Teamviewer](#) #### The following shared credentials must be rotated (if applicable): - Wireless access point shared keys (Update LastPass share, notifiy location) - [Internal Project Admin accounts](#) - [External Shared Accounts](#) #### Physical assets: - RFID key card must be deactivated and destroyed (even if returned) - Yubikeys must be returned (see [Yubikey asset tracking sheet](#)) - Laptops (see [Laptop asset tracking sheet](#)) - Work phone (if applicable, see [Phone asset tracking sheet](#)) ### Development, IT, and Support #### The following accounts must be deactivated: - [PagerDuty](#) - [Zendesk](#) - [Basecamp](#) #### The users must be disassociated or removed from our organization at: - [Github](#) (See [username to employee mapping sheet](#)) - [Codacy](#) #### The following 3rd party credentials must be rotated: - Customer VPNs (See [Customer Remote Access tracking sheet](#)) - Customer SFTP credentials - EasyPost API Tokens - Sendgrid API Tokens #### Other processes: - SSH public keys must be removed from VMs and revoked from all authorized_keys files - Any database users need to be removed