When you are talking about access like they had "make firings as abrupt as possible including terminating all access immediately" not doing this is incompetence. This is absolutely a standard and has to be for these kinds of positions. I've never worked anywhere where it wasn't for the majority of IT staff. You meet with HR, someone clears your desk, and security walks you out.
> When you are talking about access like they had "make firings as abrupt as possible including terminating all access immediately" not doing this is incompetence.
You're proving my point—employers take the most extreme lesson and it's considered expected practice. They absolutely should have immediately terminated the credentials that granted unilateral access to sensitive databases. (Ideally those would never exist in the first place—there are two-person schemes. A pair of bad actors...well apparently happens according to this article...but is far more unusual.) But employers regularly (but shouldn't) terminate all access including credentials that allow a last email to colleagues exchanging personal contact info or something.
If you don't trust your people so much, why hire them in the first place?
Looking at it from Europe - it is such a weird inhumane practice.
Someone decided your position is redundant. Okay, shit happens, economic downturn, etc. Then you have an extra 3-6 months of work to pass on your knowledge, train a replacement and document everything.
Yeah but if your defense against somebody erasing a database is "we remove their access when they're fired" then your defense is garbage.
Like there's so many other attack vectors besides an upset ex-employee. Like all those articles about NK employees who presumably are trying very hard not to be fired. Or employees using company provided insecure email software leaving them vulnerable to ransomware et al.
I suppose that's a very powerful way of preventing "accidents" on termination. But isn't that just theatre? I mean - as though termination is the one and only case where an employee with the power to destroy the company gets angry and might do something really stupid?!
Having people with that level of access without some form of two-person-control is already a sign of incompetence.
There is another thread elsewhere on the first page about low-trust USA.
Sadly, behaviors and expectations converge toward one another.
Last time I was laid off they let me keep my laptop for the rest of the day. I gave it to them immediately to avoid any accusations of sabotage.
Eventually I tried to log into one of my old cloud accounts, to find it had only been disabled 9 days after my layoff. Pretty sloppy.
I work in government. If you think that is incompetence, then I have stories that could make your skin crawl.
There is a middle ground, but it requires conscious effort to prop up, support, and maintain over the long haul: off-boarding centers.
I worked for a Big Tech company that actually did this, and it made the transition a lot easier. You could still access corporate resources necessary for the transition (HR, benefits, internal job postings, training offerings, expense reporting, etc), check in with colleagues 1:1 (who would be warned this person was no longer part of the org, attachments could be blocked to prevent exfil, etc), and still send/receive email internally (though external was blocked by default and required justification).
You can safeguard your corporate infrastructure without actually cutting everything off entirely and sending someone home to stew angrily about it. In fact, there might be (as yet undocumented) advantages to letting folks exist in that transition period on that segmented infrastructure, so as to identify potentially bad actors before they can do harm and see about mending bridges.
Of course all of that requires conscious investment in projects with no clear quarterly/yearly KPIs to measure cost or success against, so most employers will never remotely consider it.