I have seen an administrator that was let go with respect, do something wrong. They were let go when several others were laid off. The manager actually told them face to face. They were being let go because the company was down sizing the department. They did receive a minimal severance package. Because of his position, he was ask to stay for the rest of the day and collect equipment and ... I was ask to do an investigation of this person's computer because of another odd event. The evidence looks like several hours after being let go, they sent internal servers addresses and a few password to their external mail account. Because of their job responsibilities, this data should never have been sent home. The company was safe, because the servers were being shut down along with the down sizing, but this admin did not know that at the time. -----Original Message----- From: Jim Utkin [mailto:utkinat_private] Sent: Wednesday, July 18, 2001 12:05 AM To: 'Tom Litney'; securityjobsat_private Subject: RE: Article: Honesty isn't a policy, laid-off techies say See I always considered that absolutely silly. I rather treat an employee with respect. Most "security experts" have backups of their files at home, as they work at home quite a bit. Walking them out at the last moment, will not accomplish what they think they will. Its not like the person is going to run for the servers to install Trojans. I have seen what your talking about, and I think its an action from a paranoid employer, who is asking for trouble instead of trying to avoid it. In my 15 years of experience. I have never seen an employee who was let go with respect, commit a black hat act. Jim -----Original Message----- From: Tom Litney [mailto:Tom.Litneyat_private] Sent: Tuesday, July 17, 2001 11:06 AM To: securityjobsat_private Subject: RE: Article: Honesty isn't a policy, laid-off techies say As a security expert or critical infrastructure employee you should expect to be immediately walked of the premise and have all remote access disable at the point of termination. You might be expected to immediately pack your personal possession with a guard in presence or have your possessions packed for you by your line manager. This is normal practice. I'm not defending it but have enforced it in practice and required it in security policy. Of course, prior notification of pending termination would not be given. If you are an employee with sensitive access and give your notice, don't be surprised if you are immediately walked of the premise. Try not to take it personally. Of course you wouldn't do something to detrimentally affect the corporation but others do not have those same high standards. In our line of work it comes with the territory. I mentioned the deviation from policy at my last position, when I gave notice and wasn't immediately escorted off the premise. They felt I could be trusted (and of course were correct). I had critical knowledge and they sucked everything out of me they could in my final two weeks. But don't count on this to happen as it should be the exception. Tom > -----Original Message----- > From: Meritt James [mailto:meritt_jamesat_private] > Sent: Tuesday, July 17, 2001 9:20 AM > To: securityjobsat_private > Subject: Article: Honesty isn't a policy, laid-off techies say > > > http://news.cnet.com/news/0-1007-200-6580080.html?tag=mn_hd%20arg > > And as a "security expert" somebody may be looking over your shoulder > every moment until an armed guard escorts you off the premises. > > At least, that is what happened to me. Perfectly reasonable - I knew > too much and could have zeroed multiple programs. Wouldn't, but that > is a different topic... > > > -- > James W. Meritt, CISSP, CISA > Booz, Allen & Hamilton > phone: (410) 684-6566 >
This archive was generated by hypermail 2b30 : Wed Jul 18 2001 - 13:49:29 PDT