Can we talk about the termination process from an IT POV?

2»

Comments

  • HeroPsychoHeroPsycho Inactive Imported Users Posts: 1,940
    Paul Boz wrote: »
    The corporation has the right to look at what data is leaving the organization and deem whether it is safe to let go or not.

    You sound like a corporate tool.
    Good luck to all!
  • Paul BozPaul Boz Member Posts: 2,620 ■■■■■■■■□□
    HeroPsycho wrote: »
    You sound like a corporate tool.

    I sound like a guy who is paid solid money to tell companies what I'm telling you. Corporate tool is accurate. It comes with a hefty price tag, I'll deal with that. Management hires me to do what I do, not the end users that I'm protecting management from.
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    [email protected]
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,745 ■■■■■■■■■■
    HeroPsycho wrote: »
    You sound like a corporate tool.

    Umm... Lets not forget that when you work for the company you do the following...

    1. Get paid to work by the company.
    2. Work on the company's computers.
    3. Agree to the company's computer use agreement. (Which honestly almost no user does).
    Where I once worked it was company policy for all the sent / received e-mails to be looked through after termination / resignation. I mean come on, to me it is no different than having your company credit card / phone calls audited. They want to know what you did with their equipment. In some cases the company can be liable if you mishandled their tools.

    If I am wrong about anything I said please correct me.
  • human151human151 Member Posts: 208
    by end users you mean the people who actually do the work. Give them a little respect.
    Welcome to the desert of the real.

    BSCI in Progress...

    Cisco LAB: 1x 2509
    1X2621
    1x1721
    2x2950
    1x3550 EMI
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,745 ■■■■■■■■■■
    human151 wrote: »
    by end users you mean the people who actually do the work. Give them a little respect.

    Did I say end user? I just reread my post, and I cannot find that. I did write user. I believe I am a user icon_rolleyes.gif

    At least the pop-up message on my Workstation tells me I am.
  • Paul BozPaul Boz Member Posts: 2,620 ■■■■■■■■□□
    human151 wrote: »
    by end users you mean the people who actually do the work. Give them a little respect.

    Your argument is coming off like management doesn't do work. If management doesn't protect the integrity of the organization the end users don't have a JOB. That is the function of good policies and procedures. I do not work in management, I just work with management at other organizations. I understand how I fit into my company. I also understand that I, like any employee at any company, am an asset, not a member of the family. Employee cost is no different from technology cost. Both are different types of assets used in the organization.
    Did I say end user? I just reread my post, and I cannot find that. I did write user. I believe I am a user icon_rolleyes.gif

    At least the pop-up message on my Workstation tells me I am.

    I believe he was referring to my post.
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    [email protected]
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    HeroPsycho wrote: »
    You sound like a corporate tool.

    By wanting to inspect data to make sure there's no confidential information leaving the company? Isn't that standard practice?
  • PlantwizPlantwiz Alligator wrestler Mod Posts: 5,057 Mod
    Paul Boz wrote: »
    I sound like a guy who is paid solid money to tell companies what I'm telling you. Corporate tool is accurate. It comes with a hefty price tag, I'll deal with that. Management hires me to do what I do, not the end users that I'm protecting management from.

    icon_cheers.gif

    Amen!
    Plantwiz
    _____
    "Grammar and spelling aren't everything, but this is a forum, not a chat room. You have plenty of time to spell out the word "you", and look just a little bit smarter." by Phaideaux

    ***I'll add you can Capitalize the word 'I' to show a little respect for yourself too.

    'i' before 'e' except after 'c'.... weird?
  • PlantwizPlantwiz Alligator wrestler Mod Posts: 5,057 Mod
    dynamik wrote: »
    By wanting to inspect data to make sure there's no confidential information leaving the company? Isn't that standard practice?



    It should be for many businesses. Some it just won't matter as the risk small to none. However, it can usually be argued that whomever is paying...has the right to set the rules how they see fit. It is just good practice to set the rules up front so everyone is clear.

    Work PCs, belong to the company. And if one choses to use their personal equipment on the company network, it then is subject to the same scrutiny (IMO) for security purposes.

    Don't mix personal with business.
    Plantwiz
    _____
    "Grammar and spelling aren't everything, but this is a forum, not a chat room. You have plenty of time to spell out the word "you", and look just a little bit smarter." by Phaideaux

    ***I'll add you can Capitalize the word 'I' to show a little respect for yourself too.

    'i' before 'e' except after 'c'.... weird?
  • human151human151 Member Posts: 208
    I just think we should remember that these assests are human beings and deserve a little respect for furthering the goals of the company. I know me and my peers but our butts and work long hours and maintenance windows to further the company. They do not deserve these types of games like "distract this guys while I fire this other guy" or "pretend you need to do something under his desk and unplug his cable"

    I've never been fired (knock on wood) but if I go I wouldn't expect these petty games to be played by my employer.

    Yes I realize that I work for the company, its not a family but everyone deserves some respect and dignity.
    Welcome to the desert of the real.

    BSCI in Progress...

    Cisco LAB: 1x 2509
    1X2621
    1x1721
    2x2950
    1x3550 EMI
  • Paul BozPaul Boz Member Posts: 2,620 ■■■■■■■■□□
    human151 wrote: »
    Yes I realize that I work for the company, its not a family but everyone deserves some respect and dignity.

    There is a right way to fire someone and a wrong way and most of the ways which you described (as sited from other posts in this thread) are the wrong ways. I learned a while back that business is business and its ugly and it sucks, but it keeps the lights on and bread on the table. It is what it is.
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    [email protected]
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    I agree here. You must disable access first. It kind of defeats the purpose if you disable access after you fire them.
    We fired a tech at one of distribution centers and his access didn't get turned off in a timely manner. He deleted their file share and destroyed all the backups. Kind of an extreme example, but you have to disable first, always.

    The company that I work for calls IT when they're having the meeting with the terminated employee letting them know they are excused from their position and access is turned off at that time. If they don't think the person is going to make a scene, they might let them back to their desk to gather their things, with an HR escort. Sometimes they ask them to come back after hours. Any personal data on the computer if it's requested is copied off by someone in IT and sent to them in the mail.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    The only data we generally send, when it's requested, is contacts. Unless they were sales people, then usually not. If they're looking for particular personal files, we might send that to them as well (ie pictures, music, some documents etc) but not without knowing what it is, and it all has to come through HR.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • HeroPsychoHeroPsycho Inactive Imported Users Posts: 1,940
    dynamik wrote: »
    By wanting to inspect data to make sure there's no confidential information leaving the company? Isn't that standard practice?

    icon_lol.gif I can't believe you guys took me seriously...

    That was entirely too much fun.
    Good luck to all!
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Oh, I figured you were just jealous that Paul was at least a specific type of tool...
  • KaminskyKaminsky Member Posts: 1,235
    mikedisd2 wrote: »
    I don't think there would be any company that caters for people's personal data. Officially speaking it shouldn't be on the company systems. They might even say that it is now company property (though I doubt it, still why trust em?).

    One of the usual things people are after is copies of emails they may need for possible future litigation against the company that fired them. Except with major c**k ups, dismisals are usually long time coming after lengthy email chains and warnings being involved. That is why IT department policy should never be to delete email accounts immediately (maybe restrict access to them) as the ex-employee does still have a right to them under freedom of information - That is if they have been dumb enough not to take hard copies of the relevent ones in advance. IT policy should be to hold them read only (even from their own managers who may bowse through them and might find an unfavourable one and try to delete it) for at least 6 months whether that is online or off line.

    It's not going against the company or being in solidarity with the ex-employee. It's about running a professional IT department that is aware of it's legal responsibilities of all the information it has a duty of care over.
    Kam.
  • RobertKaucherRobertKaucher A cornfield in OhioMember Posts: 4,299 ■■■■■■■■■■
    Kaminsky, I don't know about the UK, but freedom of information does not apply to a corporation and its employees in the US. No such right exists.

    The issue here is that we are approaching a percieved grey area that is actually very black and white. IT has allowed one's work environment to chip away more and more into the personal lives of employees. VPNs, BlackBerries, Mobile Computers, etc... No body can expect an employee NOT to have a certain amount of personal information on their laptop or in their inbox.

    But when it comes time to terminate the employee's employment (be it a layoff, voluntarily leaving for another job, etc) policy must be followed strictly even in small environments. If exceptions are made for employee X (who is in good standing) then they might also be made for employee y (who has been stealing corporate data for months). Management is not going to communicate all of the details about a dismissal to a mid/low level IT worker. So if Mr. Smith was allowed to access his personal data (pictures of his family) on his laptop, why shouldn't Mr Spy be able to access data (a logic bomb that will format the hard drive) on his?

    Follow your company's policies to the letter at times like this. They are there to protect you and the company. If you believe these policies are unclear or inadequate then talk to your boss or HR department about them. If you believe that a company's policies are unethical or immoral than you should resign, you should not break the policies just because you don't like them. Just my opinion.
  • mikedisd2mikedisd2 Member Posts: 1,096 ■■■■■□□□□□
    Kaminsky wrote: »
    as the ex-employee does still have a right to them under freedom of information

    Huh?

    Check your company's email disclaimer. It should say something like "This email and all attachments are the sole property of Co. Ltd (or any of its subsidiary entities)", etc.
  • HeroPsychoHeroPsycho Inactive Imported Users Posts: 1,940
    dynamik wrote: »
    Oh, I figured you were just jealous that Paul was at least a specific type of tool...

    "I am highly aroused..."

    (Anchorman)
    Good luck to all!
  • KaminskyKaminsky Member Posts: 1,235
    mikedisd2 wrote: »
    Huh?

    Check your company's email disclaimer. It should say something like "This email and all attachments are the sole property of Co. Ltd (or any of its subsidiary entities)", etc.

    Yes. I don't mean they own the email. In many countries they have freedom of information where they can put in a request for all information pertinent to them on your company's computers and you have a legal obligation to provide copies of it to them. This includes emails. Sometimes there is a nominal fee to the company for doing this. This is a standard thng for most countries.

    If there were to be any litigation, the first thing that would be requested by the solicitor would be a freedom of information request for copies of any emails pertaining to their client be sent to them. If these emails are deleted, the company can face awkward questions of why and good solicitors can make it sound incriminating.
    Kam.
  • Paul BozPaul Boz Member Posts: 2,620 ■■■■■■■■□□
    Kaminsky wrote: »
    Yes. I don't mean they own the email. In many countries they have freedom of information where they can put in a request for all information pertinent to them on your company's computers and you have a legal obligation to provide copies of it to them. This includes emails. Sometimes there is a nominal fee to the company for doing this. This is a standard thng for most countries.

    If there were to be any litigation, the first thing that would be requested by the solicitor would be a freedom of information request for copies of any emails pertaining to their client be sent to them. If these emails are deleted, the company can face awkward questions of why and good solicitors can make it sound incriminating.

    That's fine and all but I still don't understand how this stands in court if the company has well defined acceptible use policies built around email.
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    [email protected]
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • RouteThisWayRouteThisWay Member Posts: 514
    After reading this, this is how we handle it (Federal).

    We get a notice that ___ is going to be let go on ___ and an Account closure form is handed to us usually 24 hrs before.

    The account is closed as soon as the form is walked down (not emailed, phone call etc. A physical document) to the Windows admins. This usually happens ~5PM. We close the account immediately, sign off of the form stating you did such.

    If the user can't VPN in, he/she will come in the next morning. If someone from HR doesn't get them first thing in the morning, they obviously cannot log on. They call saying that they can't login. We tell them that we are experiencing server issues (very general ha), we will get back to them asap.

    Normally, this is not an issue because they are told first thing in the morning. Then the security contractors come by and pick them up, and they escort them to pack up there things. They are NOT allowed access to the PC at all once they have been terminated, and all accounts are closed. Period.

    Before logging into the PC, there is a specific dialogue that pops up and warns that "This is a federal PC owned by the United States govt blahblahblah. It is to be used for work related functions only. You have no privacy on this system, etc etc". So basically, by clicking Accept.. you forfeit the right to anything on the PC, all privacy on the PC, etc.

    This may seem harsh, but it would be incredibly stupid from a security standpoint to let someone who was just told they were fired access to a work PC. It isn't their PC, it isn't their data.

    Once they are terminated, their desktop is usually reimaged anyway. We are very tight with user permissions so they can't install anything, etc anyways. If they had any personal documents.. sucks for them. They shouldn't be doing it on a work computer.

    Like it or not, IT is usually one of the first depts to know of someone being let go. It is the only way to secure network access. Telling someone, then closing their accounts still allows a window of time (even if it is minutes) that someone that has access to the system shouldn't. And that is unacceptable.
    "Vision is not enough; it must be combined with venture." ~ Vaclav Havel
  • dalesdales Member Posts: 225

    Like it or not, IT is usually one of the first depts to know of someone being let go. It is the only way to secure network access. Telling someone, then closing their accounts still allows a window of time (even if it is minutes) that someone that has access to the system shouldn't. And that is unacceptable.

    Haha not where I work, I've have this gripe with HR on a regular basis, that reminds me I dont think I've had a moan at them for a couple of weeks.... 'walks off to write email'

    Kaminsky is quite right about the freedom of information act here in the UK, you can ask for information about pretty much any part of any business should it be relevant to to the requester. We get FOI's all the time for things because we are a local government and local papers like trying to find dirt on how much was spent and where. Also by the way our courts handle things if any information is shakey then its the company that comes off worst no matter on what grounds the employee was fired for.
    Kind Regards
    Dale Scriven

    Twitter:dscriven
    Blog: vhorizon.co.uk
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    As others have mentioned, this is one of the downsides to being in IT. If you don't have a clear directive as to what to say, then just be non-committal. Tell them you'll look into it and let it go, saying anything more possibly compromises yourself, or your company. It sucks to be put into that position, but there's nothing you can do about it, it happens. People also aren't stupid - if their logins no longer work and their keycards no longer work, they know what's coming. I knew one guy who put it all together really quick. Just walked into the HR office, handed in his keys, asked for his termination form to sign, and left without any further word.
  • PashPash Member Posts: 1,600 ■■■■■□□□□□
    As others have mentioned, this is one of the downsides to being in IT. If you don't have a clear directive as to what to say, then just be non-committal. Tell them you'll look into it and let it go, saying anything more possibly compromises yourself, or your company. It sucks to be put into that position, but there's nothing you can do about it, it happens. People also aren't stupid - if their logins no longer work and their keycards no longer work, they know what's coming. I knew one guy who put it all together really quick. Just walked into the HR office, handed in his keys, asked for his termination form to sign, and left without any further word.

    This and what Paul has been saying.

    One of our ex-customers of recent had us providing desktop support on a rotation basis. IT was always the first to know that a person was leaving (after HR of course), the IT manager would always walk in and ask to disable employee's xxxx AD account straight away, he would stand there when I would do it.

    To be fair he was very good at shielding us from this type of difficult situation, he didn't mind looking like the bad guy, he would pay the user a visit and ask for any loaned items to be given back and as far as I am aware nobody ever kicked and screamed there way out in the 2.5 years I was doing work for this customer.

    I can imagine it must be harder when these are colleagues of yours or maybe even people you are friendly with out of hours (which is more than likely in today's long hour office environments).
    DevOps Engineer and Security Champion. https://blog.pash.by - I am trying to find my writing style, so please bear with me.
Sign In or Register to comment.