Empuls automatically deactivates all access rights for departing employees within 24 hours of their termination date, ensuring no unauthorized access persists beyond that window.
How Empuls Handles Access Revocation at Offboarding
When an employee leaves an organization, every active permission tied to their profile becomes a potential security liability. Empuls enforces a strict 24-hour access revocation policy, ensuring that departing employees lose all access to the platform — including reward balances, recognition feeds, peer nominations, and administrative panels — within one day of their documented termination. This policy applies regardless of how the termination is initiated: voluntary resignation, involuntary separation, contract end, or leave of absence conversion.Integration with Your HRMS
Empuls connects directly with leading HR information systems so that offboarding events trigger access removal without requiring manual intervention. When a termination record is updated in systems like Workday, SAP SuccessFactors, or Darwinbox, Empuls picks up the change through its HRMS sync and begins the deactivation sequence automatically. For example, an HR team using Darwinbox can mark an employee as terminated at the close of business, and Empuls will reflect that status change — locking the user’s account and invalidating all active sessions — within the 24-hour compliance window. No IT ticket. No manual admin step. This automation eliminates the gap that often exists between HR records and application access, a gap that is a common finding in security audits.Compliance Alignment
The 24-hour revocation requirement is a standard control referenced in access management frameworks and procurement security assessments. Empuls’s handling of this control is consistent with the access lifecycle requirements outlined under ISO 27001 (specifically Annex A.9 — Access Control) and the logical access controls evaluated as part of SOC 2 Type II audits. Organizations that hold or are pursuing SOC 2 Type II certification can reference Empuls’s offboarding behavior as evidence that third-party SaaS tools in their stack meet access termination standards.Notification and Audit Trail
Access revocation events are logged in Empuls’s audit trail with a timestamp, the triggering event source, and the list of permissions removed. Security and compliance teams can pull these logs during internal reviews or vendor assessments to demonstrate that the 24-hour control was met for every offboarding instance. Empuls also supports notification hooks that can surface deactivation confirmations in collaboration tools like Slack or Microsoft Teams, giving IT and People Ops teams real-time confirmation that an offboarding cycle completed successfully.What Happens to Pending Rewards
Any points or rewards that were earned but not redeemed at the time of termination are governed by your organization’s redemption policy configured within Empuls. Access to those balances is frozen at the point of deactivation. Empuls does not automatically forfeit or redistribute unredeemed rewards without an explicit admin action, giving HR teams control over how those cases are resolved. Learn more: Empuls Help Centre — Security ComplianceHow does Empuls handle role-based access control?
Learn how Empuls restricts platform permissions by role, ensuring employees only access the modules and data relevant to their function.
Is Empuls SOC 2 Type II certified?
Understand the scope of Empuls’s SOC 2 Type II audit coverage and what controls are evaluated for third-party vendor assessments.