Internal Documentation

On- and Off-boarding Procedures

On-boarding

All on-boarding is contingent on receiving a signed PICAA. Please don’t jump the gun on giving access – confirm that the PICAA has been signed before starting.

Track on-boarding via the checklist template. Instantiate one for each person you’re on-boarding. In your Documents, go to Add New > Start with template > New User Checklist. Share the checklist with others who may have a role in on-boarding.

Note the differences for permanent employees, interns/temps, and consultants.

Off-boarding

(Search keywords: offboarding, offboard, off-board)

Before the last day

Organize ownership transition for the departing employee/contractor. Consider having the offboarding person create a task list and share it.

For coders, this includes:

  • transitioning ownership of tickets, PRs, documents, and feature flags.

End of Last day

Attempt to deny access to all of the company accounts at about the same time. Of all of the account deactivations, the one that takes the longest is Google Workspace, so to speed that along, just suspend the workspace account, take care of all of the non-google apps, and then come back and do the Workspace steps at the end.

Revoke Dashlane Shared Access

  1. Login to Dashlane > Go to Sharing Center

  2. Find departing user and revoke access to any shared passwords

Remove from all other company accounts

  1. Slack: Deactivate account

  2. Hubspot: Remove access and delete account

  3. Airbase: Delete user

  4. Github: Remove member doc / Page

  5. Almanac: Deactivate user

Other tools

Go through the New User Checklist and delete anything not covered above.

Check the census of tools and remove them from any other company account.

Google Workspace

We have a Google Workspace Standard account, which doesn’t come with many bells and whistles. So removing a user is very manual and very pain in the ass. Follow these steps in order:

  1. Login as the superuser to the Admin panel and go to Directory > Users and select the departing user.

  2. Check whether they have emails stored in gmail (check utilization). If their gmail storage is 0, go to step 4.

  3. If they have emails you care to save, set up email transition

  4. Update the profile “Update user” to replace their firstname@c15.io email address with firstname-delete@c15.io

  5. Go to “Add Alternate Emails” and remove firstname@c15.io as an alternate address

  6. Reset the user’s password and copy the new password

  7. Turn off 2FA

  8. Go to Add to Groups in the left sidebar and add them to the 2FA Exempt Group

  9. Go to Security and turn off BOTH 2FA and Login Challenge (for 10 min)

  10. Export the user’s gmail to a zip file

  11. Open a separate profile from your own (e.g. Incognito tab)

  12. Login to the user’s gmail account (firstname-delete@c15.io)

  13. Go to https://takeout.google.com/ and export their Gmail to Drive

  14. You can now skip to Step 5.

  15. Go back to your Admin window and suspend the user. We do this because deleting the user takes time, so to stop access right away, suspend them first.

  16. Then, delete the user

  17. Select the “transfer files” option and move their drive items to the designated recipient (unless otherwise specified, that would be you, the admin).

  18. When the file migration is complete, move their drive folder (now in your account) to Restricted - Personnel Shared Drive.

Visibility

This document is confidential and is a proprietary work product of Cadence OneFive. The information contained herein may not be copied or distributed without the specific written consent of Cadence OneFive.