Saying Goodbye: 3 Steps to Reducing the Risk of Data Breaches from Terminated Employees
John Earl , Director of Security Technology
Hard economic times produce special challenges for IT Security. When an organization is forced to reduce workforce, every terminated employee becomes a potential security vulnerability to your enterprise. Reduce that vulnerability with some common sense steps that coincide with employee departures.
Talk to HR – Let your HR people know that you need to be alerted when people leave the organization so that you can turn off their access to company data. Whether the departure is voluntary or not, the System Administrator should be notified as soon as possible when people leave the company. At the appropriate time, the System Admin should disable the profile (STATUS(*DISABLED)) and set the password to *NONE. This will prevent anyone from signing on with that user ID. Most HR departments have a checklist that they go through when an employee separates from the company, so make “Notify IT” another step in that checklist.
Look out for old users – If a disgruntled former employee can’t use their own account, they may know of other accounts that are still active. If you haven’t done a good job of cleaning up old user profiles, this is a great time to get started. Retrieve a list of users from the system by running a Compliance Monitor User Report, and sort the report by last signed-on date. Any user ID that has not signed on in over 30 days should command your attention, but don’t delete them straight away: also take a look at Compliance Monitor’s “Last Used Date” field. You may find that a profile has been used more recently than its “Last Signon Date” suggests. This is a common occurrence with profiles that are only used for FTP, because the operating system does not update the “Last Signed On Date” when a user accesses the system via FTP.
Once you’ve isolated the list of users, go through each one and set its status to *DISABLED and its password to *NONE. This will prevent the use of this profile, but still preserve the profile in the event it owns important production objects.
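The triage in the two steps above (sort by last sign-on, cross-check against the last-used date so FTP-only profiles are not wrongly flagged, then disable and set the password to *NONE) is easy to get wrong when done by eye over a long report. The script below is an added example, not part of the original article or of Compliance Monitor: it runs the same decision logic over a small constructed set of profile records and emits the CHGUSRPRF commands an administrator would review and run. The profile names, dates and the 30-day threshold are constructed for illustration; on a real system the records would come from the user report described above.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import List, Optional

# Article's threshold: no activity in over 30 days warrants attention.
STALE_DAYS = 30


@dataclass
class Profile:
    """One row of a user report (constructed shape, not Compliance Monitor's)."""
    name: str
    status: str                  # "*ENABLED" or "*DISABLED"
    password_none: bool          # True if PASSWORD(*NONE) is already set
    last_signon: Optional[date]  # interactive sign-on; NOT updated by FTP access
    last_used: Optional[date]    # object last-used date; IS updated by FTP access


def last_activity(p: Profile) -> Optional[date]:
    """Most recent evidence of use, whichever field recorded it."""
    seen = [d for d in (p.last_signon, p.last_used) if d is not None]
    return max(seen) if seen else None


def stale_profiles(profiles: List[Profile], today: date,
                   stale_days: int = STALE_DAYS) -> List[str]:
    """Profiles with no activity in the window that are not yet fully neutralised.

    A profile that is already *DISABLED with PASSWORD(*NONE) needs no action;
    one that is merely disabled but still has a password is still reported,
    because the password is the half of the control that was missed.
    """
    cutoff = today - timedelta(days=stale_days)
    flagged = []
    for p in profiles:
        if p.status == "*DISABLED" and p.password_none:
            continue
        last = last_activity(p)
        if last is None or last < cutoff:
            flagged.append(p.name)
    return flagged


def saved_by_last_used(profiles: List[Profile], today: date,
                       stale_days: int = STALE_DAYS) -> List[str]:
    """Profiles that look stale by sign-on date alone but are active by last-used date.

    This is the FTP-only case the article warns about: deleting these on the
    strength of "Last Signon Date" would break a working batch or transfer job.
    """
    cutoff = today - timedelta(days=stale_days)
    rescued = []
    for p in profiles:
        signon_stale = p.last_signon is None or p.last_signon < cutoff
        used_recent = p.last_used is not None and p.last_used >= cutoff
        if signon_stale and used_recent:
            rescued.append(p.name)
    return rescued


def disable_commands(names: List[str]) -> List[str]:
    """IBM i CL to disable each profile and remove its password, preserving the object."""
    return [f"CHGUSRPRF USRPRF({n}) STATUS(*DISABLED) PASSWORD(*NONE)" for n in names]


# Constructed sample report; the reference date is arbitrary.
TODAY = date(2009, 3, 31)
SAMPLE = [
    Profile("JDOE",      "*ENABLED",  False, date(2009, 3, 28), date(2009, 3, 28)),
    Profile("OLDTEMP",   "*ENABLED",  False, date(2008, 11, 2), date(2008, 11, 2)),
    Profile("FTPBATCH",  "*ENABLED",  False, date(2008, 6, 15), date(2009, 3, 30)),
    Profile("NEVERUSED", "*ENABLED",  False, None,              None),
    Profile("DISONLY",   "*DISABLED", False, date(2008, 9, 9),  date(2008, 9, 9)),
    Profile("EXSTAFF",   "*DISABLED", True,  date(2008, 12, 1), date(2008, 12, 1)),
]

if __name__ == "__main__":
    print("Would have been wrongly flagged by sign-on date alone:",
          saved_by_last_used(SAMPLE, TODAY))
    for cmd in disable_commands(stale_profiles(SAMPLE, TODAY)):
        print(cmd)
```

FTPBATCH is the profile the article's caveat is about: its sign-on date is nine months old, but the last-used date shows it was active yesterday, so it is excluded from the disable list. DISONLY is flagged even though it is already disabled, because its password was never set to *NONE.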
Look out for generic profiles – Many organizations have generic profiles with well-known passwords. While this is always a bad idea from a security perspective, it can be difficult to get an organization to change bad habits. Times of turmoil are a great opportunity to throw out old thinking and upgrade your security practices.
Every generic user ID is a risk to the organization's data, and that risk is multiplied by the number of people who have ever worked at that organization. Use this opportunity to turn that generic ID into a group profile that gives everyone the rights to the data they need, but assign each member of this group their own ID that will individually identify them and their actions. If you absolutely can’t get this done, insist on a password change for the generic IDs. It’s not as good a security precaution, but it is better than nothing.
Keep a calm demeanor when things get tough, and take basic security precautions like these that will help any organization ride out stormy seas. If you’re having tough economic times, you don’t need a data loss piled into the problem mix.