An essential part of security is ensuring that former employees lose access to accounts and systems as soon as they leave.  

Offboarding Employees

If you have an identity provider (ie, Gsuite, O365, Okta) or an HRIS (ie, Rippling, Gusto, Bamboo) connected to Vanta, these integrations are considered the 'source of truth' for an employees status. 
As soon as Vanta detects a change in status from the connected service, we will prompt you to offboard the user. 

You can learn more about how an employee status is determined here: How Does a Person's Employment Status get Determined?

• The offboarding drawer is used to surface and group together actionable items. Unmonitored accounts that require administrators to verify deactivation can be marked in bulk via the Mark all deactivated button.
  • The unmonitored accounts section includes all vendors that do not have corresponding credentials connected. The monitored accounts section consists of all vendors for which credentials are connected, and we have detected the user having an account.
    
    
• Admins may also override Vanta and mark monitored accounts as deactivated if they provide a reason. This helps support workflows where Vanta is not able to automatically detect that access has been removed (ex: Admin manually changed the password on a google workspace account but would like to keep the account active).
  
  
• Manually added users follow the same process as marking unmonitored accounts. Approve deactivation of each integration, then follow up with complete offboarding. 

Offboarding Override