If employees need to share files to do their work, companies should provide access to a platform that has enterprise management functionality.
"Then the access can get taken away when the person decides to leave," said Levine.
4. Don't share accounts
Employees should not be sharing access to servers, networks, or cloud applications.
"Assign them each a separate login," said Levine.
When possible, connect cloud applications to your company's active directory, so you can easily turn off all access when employees leave the company.
"There are various cloud-based authentication services that integrate with active directory," said Levine.
Unfortunately, that's not always the case. A company might have only a single login for its Twitter or Facebook account, for example.
A single sign-on solution might help in these cases, logging into the cloud service on behalf of the employee, so that they never have to have access to the company social media account.
And if you don't have one?
"Be very disciplined about changing the passwords to all those resources when anyone leaves," Levine said.
5. Run regular audits
Even with the best practices in place, something can slip through the cracks.
That's why many companies run audits of their critical systems and resources.
"Every three to six or 12 months, go through the list of people who have access, and make sure that those people still work for you, and that they still need access to those resources," said Levine.
Sign up for CIO Asia eNewsletters.