Naye Employee Onboarding Security Checklist: IT Teams Ke Liye Guide
Naye employees ke liye complete security checklist. Account creation, password policies, 2FA setup, security training aur access control sabhi shamil hain.
Naye Employee Onboarding Security Checklist
Har naye employee ko dozens accounts, access permissions aur credentials chahiye hote hain. Ye process jaldi jaldi karne se security gaps create hote hain jo mahino tak bane rehte hain. WhatsApp par temporary passwords bhejne, sabko ek hi default password dena, ya 2FA setup ko postpone karna -- ye sab common mistakes hain jinke serious consequences hote hain.
Joining Se Pehle Ki Taiyari (D-3 Se D-1)
Account Creation
| Item | Details | Priority |
|---|---|---|
| Company email | Company domain email create karein | Essential |
| Slack/Teams | Workspace account setup | Essential |
| Cloud storage | Google Drive/OneDrive access | Essential |
| Project management | Jira/Notion/Asana account | High |
| VPN | Remote access VPN credentials | If applicable |
| Code repository | GitHub/GitLab invitation | Engineering |
Device Preparation
- Laptop/desktop par company security policy apply karein
- Full disk encryption enable karein (BitLocker/FileVault)
- Endpoint protection software install karein
- Auto screen lock configure karein (1 minute)
- Remote wipe capability setup karein (MDM)
Pehla Din
Step 1: Password Policy Samjhayein
Minimum Requirements:
- Length: 12 characters ya zyada
- Composition: uppercase, lowercase, numbers, special characters
- Prohibited: naam, birthday, sequential numbers, dictionary words
- Purane passwords reuse nahi kar sakte
- Rotation: har 90 din mein change
Password Manager:
- Enterprise password manager deploy karein (1Password, Bitwarden)
- Sabhi work account passwords manager mein store karein
- Sirf master password yaad rakhna hai
Step 2: Two-Factor Authentication (2FA) Setup
| Account | 2FA Method | Priority |
|---|---|---|
| Authenticator app | Essential | |
| Slack/Teams | Authenticator app | Essential |
| Cloud storage | Authenticator app | Essential |
| VPN | Hardware key ya authenticator | Essential |
| GitHub/GitLab | Authenticator ya hardware key | Engineering |
| Admin panels | Hardware key recommended | Admin roles |
Important: SMS-based 2FA avoid karein -- ye SIM swapping attacks ke liye vulnerable hai. Authenticator apps ya hardware keys use karein.
Step 3: Initial Passwords Safely Dein
Kya NAHI karna chahiye:
- WhatsApp par passwords bhejne
- Ek email mein sabhi passwords likhna
- Sticky notes par passwords likhna
- Sabko same default password dena
Kya karna chahiye:
- LOCK.PUB password-protected memos se initial passwords share karein (24 ghante expiry)
- Pehle login par password change force karein
- Har service ke liye alag temporary password use karein
Pehla Hafta (D+1 Se D+7)
Security Training
Required Topics:
- Phishing recognition: Suspicious emails aur links identify karna
- Password management: Company password manager kaise use karein
- Device security: Screen lock, encryption, device lost hone par kya karein
- Data classification: Confidential, internal aur public data ka handling
- Incident reporting: Security problem hone par kab aur kaise report karein
Access Control
| Role | Access Scope | Permission Level |
|---|---|---|
| Individual contributor | Team resources | Read/Write |
| Team lead | Team + cross-team | Read/Write/Manage |
| IT administrator | All systems | Full admin |
| External contractor | Project-specific | Read-only |
Ongoing Monitoring
30-Din Ki Review
- Sabhi initial passwords change ho gaye
- 2FA sabhi required services par active hai
- Koi unnecessary access permissions nahi hain
- Password manager sahi se use ho raha hai
- Security training complete ho gayi
Quarterly Audit
- Access permissions review aur unnecessary ones revoke karein
- Password rotation compliance verify karein
- Security incident logs review karein
- Resigned employees ke accounts turant disabled hain
LOCK.PUB Ko Onboarding Mein Use Karein
LOCK.PUB initial credentials ki secure delivery ko asaan banata hai.
Workflow
- Har service ke liye individual password-protected memo banayein (24h expiry)
- Memo links naye employee ki company email par bhejein
- Access passwords personally orientation ke dauraan batayein
- Employee access karke turant passwords change kare
- Memos automatically expire ho jaayein
Offboarding Checklist
- Sabhi accounts turant disable/delete karein
- Email forwarding setup karein agar zaroorat ho
- Sabhi shared passwords turant change karein
- VPN aur remote access turant revoke karein
- Company devices recover aur wipe karein
- Cloud storage access remove karein
- Code repository access remove karein
- Physical access cards recover karein
Conclusion
Security-focused onboarding poori organization ko strong banata hai. Account creation se lekar password policies, 2FA setup, security training aur access control tak -- har step important hai. Initial passwords deliver karne ke liye WhatsApp ya email ki jagah expiration aur password protection wale tools use karein.
LOCK.PUB par password-protected memo banayein apne next employee onboarding ke liye.
कीवर्ड
यह भी पढ़ें
टेम्पररी फ़ोन नंबर गाइड — उपयोग, सेवाएं और सावधानियां
ऑनलाइन डेटिंग, मार्केटप्लेस या सर्विस साइनअप के लिए डिस्पोज़ेबल नंबर चाहिए? Google Voice, Hushed, Burner और फ्री विकल्पों की तुलना।
लॉक किया हुआ लिंक कैसे खोलें: प्राप्तकर्ताओं के लिए त्वरित गाइड
पासवर्ड से सुरक्षित लिंक मिला? जानें कि लॉक किए गए लिंक को स्टेप बाय स्टेप कैसे खोलें। पासवर्ड दर्ज करने से लेकर एक्सेस समस्याओं को हल करने तक की पूरी गाइड।
डिजिटल इमरजेंसी कॉन्टैक्ट कार्ड (ICE कार्ड) कैसे बनाएं — दुर्घटना में आपकी जगह बोलने वाला कार्ड
अगर एक्सीडेंट के बाद आप बेहोश हैं, तो एम्बुलेंस टीम को सबसे पहले आपके इमरजेंसी कॉन्टैक्ट, ब्लड ग्रुप और दवाओं की लिस्ट चाहिए। जानिए डिजिटल ICE कार्ड कैसे बनाएं।
अभी अपना पासवर्ड-संरक्षित लिंक बनाएं
पासवर्ड-संरक्षित लिंक, गुप्त मेमो और एन्क्रिप्टेड चैट मुफ्त में बनाएं।
मुफ्त में शुरू करें