Re: Handling Sysads resignation/termination

From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa@pacbell.net)
Date: Tue Aug 02 2005 - 20:39:49 EDT


What's he going to do? Say yes? Then what?

Anyone else besides me thinking of a employment leaving documentation
poured over by Attorneys where he/she has to sign something to the effect?

I wouldn't want you to certify that ....that's asking a bit much on your
part I think. I think you, your HR department and your firm's Attorneys
need to sit down and discuss an action plan.

Normally for anyone who isn't a sysadmin the termination process
involved revoking accounts, keys, devices, changing locks etc etc...

Check out Steve Riley on this topic...

http://blogs.technet.com/steriley/archive/2005/07/19/407917.aspx

The article is posted in the security management column section on
TechNet and is the Viewpoint article in the July security newsletter.
Check it out, and please tell me what you think. It's been generating
some opinions :)

http://www.microsoft.com/technet/community/columns/secmgmt/sm0705.mspx

    Do you trust your administrators? That seemingly innocent question
    creates a serious dilemma in the minds of a lot of people. While we
    all know what we’d /like/ the answer to be, the disappointing fact
    is that, increasingly, the true answer is the opposite. This became
    apparent in discussions I had with many attendees at TechEd US in
    May—there is genuine concern about the trustworthiness of
    administrators...

Irvin Temp wrote:

>I've been working as a security consultant for a
>financial company.
>
>a system administrator handling the several of the
>critical servers will be retiring. before he leave the
>
>company the management wants me to interview him and
>in
>"certify" that he did not leave any timebombs,
>malicious
>programs on the pcs.
>
>Since i have no experience in handling pre-termination
>of
>a systems administrator, i would appreciate you
>insights
>and suggestions on how to go about this.
>
>Questions that needs to be asked. Steps to take to
>ensure that the systems are clean after his
>resignation.
>
>
>Thanks and God bless!
>
>__________________________________________________
>Do You Yahoo!?
>Tired of spam? Yahoo! Mail has the best spam protection around
>http://mail.yahoo.com
>
>------------------------------------------------------------------------------
>FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't
>
>Learn the hacker's secrets that compromise wireless LANs. Secure your
>WLAN by understanding these threats, available hacking tools and proven
>countermeasures. Defend your WLAN against man-in-the-Middle attacks and
>session hijacking, denial-of-service, rogue access points, identity
>thefts and MAC spoofing. Request your complimentary white paper at:
>
>http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
>-------------------------------------------------------------------------------
>
>
>
>

-- 
Letting your vendors set your risk analysis these days?  
http://www.threatcode.com
------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't
Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:
http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:40 EDT