Departing Employees reference
Overview
From Departing Employees, you can review the file activity of employees leaving your company, helping you to:
- Quickly identify suspicious file movement
- Review endpoint and cloud services activity
- See file activity for the previous 90 days
This article describes the information and options in the Departing Employees list.
For instructions on how to add users to Departing Employees and investigate suspicious file activity, see Add departing employees.
Considerations
- To add or remove departing employees, you must have roles that provide the necessary permissions. We recommend you use the roles in our use case for adding users to detection lists.
Departing Employees
To access the Departing Employees list:
- Sign in to the Code42 console.
- From the Departing Employees tile on the Risk Exposure dashboard, click any value, or go to User Activity > Departing Employees.
Departing Employees list
The Departing Employees screen lists the users who have been added as departing employees.
Item | Description | |
---|---|---|
a | Alert settings ![]() |
Click to open the Alert Settings window, from which you can:
|
b | Add departing employee | Click to add a new user to the list of departing employees and start reviewing their file activity. |
c | Total departing employees | Click to see a list of all departing employees. This option is selected by default. |
d | Leaving today | Click to see the employees that have a departure date of today. |
e | Put data at risk in last 24 hours | Click to see the employees that had suspicious file activity in the past 24 hours. |
f | Put data at risk in the last 30 days | Click to see the employees that had suspicious file activity in the past 30 days. |
g | Employee |
Displays the employee's name and Code42 username. Click their Code42 username to see their User Profile. |
h | Department/Title |
Displays the employee's department and title if you use provisioning. (If you use User Directory Sync or SCIM provisioning, this information is automatically populated by your provisioning provider. You must first add the department and title attributes if you use Okta provisioning or PingOne provisioning.) If you don't use provisioning, this information does not appear and cannot be added manually. |
i | Events | Displays the number of file events in which a file was
moved to removable media or cloud sync folders, read by a browser or other app, or had its cloud share permissions changed. |
j | Size | Lists the total size of the files included In the file event activity. |
k | Departure date | Lists the date entered for the employee's departure. If no date was entered, no value is listed. |
l | User profile notes | Displays any additional notes entered when the profile was created. If no notes were added, this field is blank. These notes are visible to your team members. |
m | View profile ![]() |
Opens the User Profile for the employee. |
n | Remove employee ![]() |
Removes the employee's profile from the Departing Employees list and from the view of your team members. |
o | View event details ![]() |
Click to view the employee's file events broken down by destination and file category group. |
p | Rows per page | Select to display 10, 25, 50, or 100 employees per page. |
q | Pagination | Click forward or backward to see pages of results. |
User Profile
To view an employee's user profile, click View profile in the list of employees.
Employee information
Item | Description | |
---|---|---|
a | Departing Employee indicator |
Shows that this employee has been added to the Departing Employees list. Click to jump to the Departing Employees list.
Click the "x" on the indicator to remove the employee from the Departing Employees list. This will remove the employee from the Departing Employees list for your team members as well. |
b | Employee information |
|
c | Profile details | Information such as risk factors, departure date, or profile notes that was added to the employee's profile from the Departing Employees list or High Risk Employees list. |
d | Edit ![]() |
Click to edit employee information, including cloud aliases, departure date, and User profile notes. |