Offboarding best practices

This article discusses best practices when deactivating an employee's Datto SaaS Protection account

Environment

  • Datto SaaS Protection for Google Workspace

  • Datto SaaS Protection for M365

Description

Follow these steps to properly offboard an employee account.

Remove the employee's Datto Partner Portal account

If the employee you are attempting to remove is the primary account holder or a security administrator, only another security administrator can remove that account.

1, Navigate to Portal Login AdminManage Employees.

2. You will have two options: Deactivate Account or Delete Account.

  • Deactivating the employee user account will restrict it from logging in. The account can be reactivated in the future.

    Deleting the employee user account will permanently remove it. The account cannot be reactivated.

Verify the removal of all employee access

After you complete this step, access any SaaS account that the employee had access to and review the current listed administrators.

1. While signed into the partner portal with credentials that have access to SaaS Protection accounts, click the Status drop-down menu and select SaaS Protection.

2. Click any of the names for an organization account that to which the employee previously had access. This will bring you into the dashboard for that specific organization.

3. In the toolbar at the top of the screen, click into the Admin drop down and select Manage Administrators.

If the employee has a lingering admin within the SaaS accounts, contact Datto Technical Support.

4. Review the admin entries on this screen for any users that match the removed employee's name. If there is still an active super admin for that user, contact Datto Technical Support for assistance.