Howdy, folks. It's me again -- your random writer/journalist who occasionally
asks for input in order to ensure her articles reflect the real world.
In particular: What should a company do to protect its information when an
employee departs? When someone leaves the company, the HR department is quick
to grab the employee's laptop. But what about the data on the employee's
equipment? How can the organization know what's on her mobile devices? Does
anyone know to which websites and other cloud-based software the employee has
access?
I'm aiming to create a checklist for IT (working with HR) to ensure the
company's data doesn't walk out the front door.
For example, I still have access to a surprising number of websites and other
company/client resources. For example, one client had given me access to Google
Analytics in 2009. They closed down the project in 2010 (and I believe there's
NOBODY left at the company who even remembers it existed). But I can see its
web traffic today. I also had access to a major publication's blog comment
system (e.g. "mark as spam") for three years, and the only reason it went away
then is that they changed their commenting system. It's a good thing I'm
ethical, or I could have had entirely too much fun doing naughty things.
So… what advice would you give sysadmins about what to look for? Because while
it might occur to IT to change a user's admin rights on Active Directory, it
might not occur to them to check for all site access (if they even know, and
I'm sure that in neither of my cases anyone did).
I could quote you by name if you like, but I'm just as happy to share your
wisdom without naming names. Here I only care about expertise… not who said it.
So you don't have to worry about getting in trouble!
Can you send me whatever input you have by, say, Tuesday October 7th?
_______________________________________________
Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/
