Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

7 warning signs an employee has gone rogue

Roger A. Grimes | March 3, 2015
For all the emphasis on tools and gizmos, IT is still very much about the people who develop and use said tools and gizmos. Collaboration, mutual respect, passion for the work -- all this and more are essential to a beneficial outcome, whether your IT group is shipping code, swatting bugs, working with business users, or securing company systems.

This sweet older woman who everyone treated like the company grandmother had fleeced the organization. Don't let sentiment get the best of you.

Red flag No. 7: Leaves the company angry

Involuntary separation of employment is never easy on an employee, even in the best of circumstances, when not the result of the employee's actions. A layoff can come as a complete surprise to an employee, and it can hit at a difficult time in that employee's life. While a little venting might be expected, it can cross a line. Add to that mix a dedicated employee who has had lots of superadmin privileges for years with remote access, and you could have an impending disaster on your hands.

Of course, every separation of employment should involve the disabling of the ex-employee's log-on accounts. Many times this is the mistake made by victim companies. But often that long-term superadmin employee is also aware of shared admin account passwords (a practice that should never be implemented) and may know other employees' log-on names and passwords. This can become especially complicated in certain circumstances. While the average employee may have 10 to 15 different systems with different log-on credentials, that number skyrockets for admin employees.

Any system located on the Internet or a partner network should be scrutinized in depth. Any log-on credentials the employee might have known or might have used must be changed. Elevated service accounts, whose passwords are often not changed for years and widely known, should be changed as well. And be sure to investigate for any evidence of other accounts and passwords the ex-employee might have known about. Those, too, should be changed.

Postscript: Not everyone is a rogue in the making

For many of you, the above warning signs may be familiar. You may have encountered one or two of them even in the past week. In fact, some of you may remember times when you exhibited one of these warning signs (but certainly never hacked your employer). That's the hard part about spotting rogue employees. People don't always make the best decisions.

While it's good to keep an eye out for folks who may be engaged in illegal activities at work, be sure to take a measured approach. Give additional responsibilities as earned trust allows. Sometimes your paranoid suspicions will be only that.


Previous Page  1  2  3  4  5 

Sign up for CIO Asia eNewsletters.