Re: Handling Sysads resignation/termination

From: Michael Hammer (dotzero@gmail.com)
Date: Wed Aug 03 2005 - 15:33:35 EDT


1) You cannot prove a negative. You need to rely on the competency of
your remaining people to deal with any issues that may occur.
Note: This is why I will not touch a system from a place I have left
even if I am asked to. I recommend (in writing) that all passwords be
changed and appropriate security measures be taken once I have left.
It doesn't matter who decided to part ways and whether it is on good
terms or not.

2) It is important to get a signature on a document that acknowledges
that the person has not taken any steps to alter systems, data, etc.
This cuts to the heart of intent if there is a problem alter on. In
response to Susan Bradleys point, this is why signing the document is
usually tied to any severence package being offered.

3) The document should also address any intellectual property and
non-compete issues. Even if the person has not done any tampering they
still have a lot of information sitting in their head. This might be
useful to a competitor or simply harmful to the company if released
into the wild.

This process does not have to be done in a heavy handed way but should
be done in a way that makes it clear that the company is paying
attention.

Just my 2 cents having been on both sides of the table.

Mike

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:40 EDT