Employee Termination Checklist [modified]
-
Sadly I'm not fishing for traffic with that subject. I'm building an IT department at a small company and the time has come for someone to "depart for greener pastures". I want to be sure that I'm thinking of everything that has to be shut down, closed, disabled, etc... after the employee is terminated. I've got the easy stuff figured out already (AD account disabled, web app logins disabled, company property returned, etc...) and would appreciate anyone with experience in this arena tossing their $0.02 in. edit: After reading a few responses I reread my own post and realized that I didn't mention that this will be the procedure that the entire company is going to use so non-technical suggestions would be appreciated as well. Thanks again for the input... I was amazed at how quickly the responses popped on this one. Thanks!
Mike Devenney
modified on Wednesday, February 9, 2011 11:40 AM
You didn't mention whether there is a transition period at all. Is this termination effectively immediately, or is this more like, someone is being let go effective some future date like two weeks from now? Depending upon the above, very different types of procedures need to be followed. :)
Chris Meech I am Canadian. [heard in a local bar] In theory there is no difference between theory and practice. In practice there is. [Yogi Berra] posting about Crystal Reports here is like discussing gay marriage on a catholic church’s website.[Nishant Sivakumar]
-
Sadly I'm not fishing for traffic with that subject. I'm building an IT department at a small company and the time has come for someone to "depart for greener pastures". I want to be sure that I'm thinking of everything that has to be shut down, closed, disabled, etc... after the employee is terminated. I've got the easy stuff figured out already (AD account disabled, web app logins disabled, company property returned, etc...) and would appreciate anyone with experience in this arena tossing their $0.02 in. edit: After reading a few responses I reread my own post and realized that I didn't mention that this will be the procedure that the entire company is going to use so non-technical suggestions would be appreciated as well. Thanks again for the input... I was amazed at how quickly the responses popped on this one. Thanks!
Mike Devenney
modified on Wednesday, February 9, 2011 11:40 AM
At a previous employer I had put a redirect on all my e-mail to my home address as they couldn't make it available remotely. I didn't cancel this when I left and it was still working over two years later, it was also still on some of their e-mail lists so got a reasonable amount of mail, support logs, updated company contact lists, and so on. In the end we used it to test some blocking rules the bloke who owns my e-mail wanted to implement. But I'm sure you're not that stupid.
Every man can tell how many goats or sheep he possesses, but not how many friends.
-
Sadly I'm not fishing for traffic with that subject. I'm building an IT department at a small company and the time has come for someone to "depart for greener pastures". I want to be sure that I'm thinking of everything that has to be shut down, closed, disabled, etc... after the employee is terminated. I've got the easy stuff figured out already (AD account disabled, web app logins disabled, company property returned, etc...) and would appreciate anyone with experience in this arena tossing their $0.02 in. edit: After reading a few responses I reread my own post and realized that I didn't mention that this will be the procedure that the entire company is going to use so non-technical suggestions would be appreciated as well. Thanks again for the input... I was amazed at how quickly the responses popped on this one. Thanks!
Mike Devenney
modified on Wednesday, February 9, 2011 11:40 AM
Worked at one place where after it was know you were leaving you were walked to your desk and not allowed to log back in. For those asked to leave they would be called to a meeting and never seen again.
-
Worked at one place where after it was know you were leaving you were walked to your desk and not allowed to log back in. For those asked to leave they would be called to a meeting and never seen again.
-
Make sure any files the employee checked out in source control have been unlocked!
The funniest thing about this particular signature is that by the time you realise it doesn't say anything it's too late to stop reading it. My latest tip/trick
You've had that happen to you, too then. :)
I wasn't, now I am, then I won't be anymore.
-
Sadly I'm not fishing for traffic with that subject. I'm building an IT department at a small company and the time has come for someone to "depart for greener pastures". I want to be sure that I'm thinking of everything that has to be shut down, closed, disabled, etc... after the employee is terminated. I've got the easy stuff figured out already (AD account disabled, web app logins disabled, company property returned, etc...) and would appreciate anyone with experience in this arena tossing their $0.02 in. edit: After reading a few responses I reread my own post and realized that I didn't mention that this will be the procedure that the entire company is going to use so non-technical suggestions would be appreciated as well. Thanks again for the input... I was amazed at how quickly the responses popped on this one. Thanks!
Mike Devenney
modified on Wednesday, February 9, 2011 11:40 AM
Your avatar...are those pink roses behind you? They are very pretty regardless. Peace and good will to you my friend. May you live long and prosper.
-
You didn't mention whether there is a transition period at all. Is this termination effectively immediately, or is this more like, someone is being let go effective some future date like two weeks from now? Depending upon the above, very different types of procedures need to be followed. :)
Chris Meech I am Canadian. [heard in a local bar] In theory there is no difference between theory and practice. In practice there is. [Yogi Berra] posting about Crystal Reports here is like discussing gay marriage on a catholic church’s website.[Nishant Sivakumar]
When employment is terminated by the company, it's the norm to escort people out and disable all access that moment when someone resign, either there is a transition period where the person is still fully employed (and has access up to the moment he leaves) or he quits on the spot and all access are disabled that moment.
Watched code never compiles.
-
Sadly I'm not fishing for traffic with that subject. I'm building an IT department at a small company and the time has come for someone to "depart for greener pastures". I want to be sure that I'm thinking of everything that has to be shut down, closed, disabled, etc... after the employee is terminated. I've got the easy stuff figured out already (AD account disabled, web app logins disabled, company property returned, etc...) and would appreciate anyone with experience in this arena tossing their $0.02 in. edit: After reading a few responses I reread my own post and realized that I didn't mention that this will be the procedure that the entire company is going to use so non-technical suggestions would be appreciated as well. Thanks again for the input... I was amazed at how quickly the responses popped on this one. Thanks!
Mike Devenney
modified on Wednesday, February 9, 2011 11:40 AM
First of all I'm sorry if this offends anyone. I've seen here people saying somethings like that if you can't trust people you should not run a company, that you should not think on removing privileges and that everything should work by it's own without problems... and that if you pay a lot of money then everything is nice and easy... Well, my opinion is that this only happens in hollywood comedies... People some times steal documents and information that can be used to harm or to get a job at the copetitor's house. So this situation is a possible problem. Typically this can't be handled by small companies correctly (and I guess that it can't be done by big ones neither)... You could: - Control what goes in and out of the company using a guard. - Disconnect drives (USB and anything that could be used to substract information). - Use a internet filter and disconnect access to several webs and services: no ftp... - Disallow cameras and other devices that can be used as storage. - Be careful with programs like LogMeIn, TeamViewer, RealVNC and others... (they can transmit files). - BE SURE TO HAVE A GOOD BAKCUP PLAN. - Use a keylogger. - Remove admin privileges. - Remove access to Virtual Machines. - Limit access to servers. - Probably a good way to do it is using terminals and not full computers... (display, keyboard, mouse) - ... Almost all the previous options will of course depend on the kind of job you are doing... And all of them come from someone that thought that people was good and nice... Of course till I've seen trusted people sending code snippets to their home computers, removing material from the company, ... People is hard to control and if they have in mind to damage you then you will have a problem. Hope you will find a nice solution for everyone.
[www.tamelectromecanica.com] Robots, CNC and PLC machines for grinding and polishing.
-
First of all I'm sorry if this offends anyone. I've seen here people saying somethings like that if you can't trust people you should not run a company, that you should not think on removing privileges and that everything should work by it's own without problems... and that if you pay a lot of money then everything is nice and easy... Well, my opinion is that this only happens in hollywood comedies... People some times steal documents and information that can be used to harm or to get a job at the copetitor's house. So this situation is a possible problem. Typically this can't be handled by small companies correctly (and I guess that it can't be done by big ones neither)... You could: - Control what goes in and out of the company using a guard. - Disconnect drives (USB and anything that could be used to substract information). - Use a internet filter and disconnect access to several webs and services: no ftp... - Disallow cameras and other devices that can be used as storage. - Be careful with programs like LogMeIn, TeamViewer, RealVNC and others... (they can transmit files). - BE SURE TO HAVE A GOOD BAKCUP PLAN. - Use a keylogger. - Remove admin privileges. - Remove access to Virtual Machines. - Limit access to servers. - Probably a good way to do it is using terminals and not full computers... (display, keyboard, mouse) - ... Almost all the previous options will of course depend on the kind of job you are doing... And all of them come from someone that thought that people was good and nice... Of course till I've seen trusted people sending code snippets to their home computers, removing material from the company, ... People is hard to control and if they have in mind to damage you then you will have a problem. Hope you will find a nice solution for everyone.
[www.tamelectromecanica.com] Robots, CNC and PLC machines for grinding and polishing.
- Don't give them a computer. Stone tablets and chisels please. ;P Seriously, the don't give them Admin rights bit is a no, no with developers in my opinion. Regular user, that is OK but we are not regular users.
-
Sadly I'm not fishing for traffic with that subject. I'm building an IT department at a small company and the time has come for someone to "depart for greener pastures". I want to be sure that I'm thinking of everything that has to be shut down, closed, disabled, etc... after the employee is terminated. I've got the easy stuff figured out already (AD account disabled, web app logins disabled, company property returned, etc...) and would appreciate anyone with experience in this arena tossing their $0.02 in. edit: After reading a few responses I reread my own post and realized that I didn't mention that this will be the procedure that the entire company is going to use so non-technical suggestions would be appreciated as well. Thanks again for the input... I was amazed at how quickly the responses popped on this one. Thanks!
Mike Devenney
modified on Wednesday, February 9, 2011 11:40 AM
disable VPN account, if it exists
-
Sadly I'm not fishing for traffic with that subject. I'm building an IT department at a small company and the time has come for someone to "depart for greener pastures". I want to be sure that I'm thinking of everything that has to be shut down, closed, disabled, etc... after the employee is terminated. I've got the easy stuff figured out already (AD account disabled, web app logins disabled, company property returned, etc...) and would appreciate anyone with experience in this arena tossing their $0.02 in. edit: After reading a few responses I reread my own post and realized that I didn't mention that this will be the procedure that the entire company is going to use so non-technical suggestions would be appreciated as well. Thanks again for the input... I was amazed at how quickly the responses popped on this one. Thanks!
Mike Devenney
modified on Wednesday, February 9, 2011 11:40 AM
If they are a developer and you have them on group licenses, make sure you remove them. A year or so ago, I logged into my MSDN account and was surprised to see it took three years for my previous company to cancel my MSDN license through them! (I'm sure I wasn't the only one.) You also need to check if they have any software and/or hardware at home. Had I not brought it up at one company I left, I would have had a free (albeit rather lame) system. (On the flip side, as the version control guy at several companies, it was my job to clean out old developer systems. One drunk developer a company I worked for fired had done one edit in his last three months and had well over $20,000 of pirated software on his computer--one package being a high end audio editor. I cancelled his checkins and reformatted his computer.)
-
First of all I'm sorry if this offends anyone. I've seen here people saying somethings like that if you can't trust people you should not run a company, that you should not think on removing privileges and that everything should work by it's own without problems... and that if you pay a lot of money then everything is nice and easy... Well, my opinion is that this only happens in hollywood comedies... People some times steal documents and information that can be used to harm or to get a job at the copetitor's house. So this situation is a possible problem. Typically this can't be handled by small companies correctly (and I guess that it can't be done by big ones neither)... You could: - Control what goes in and out of the company using a guard. - Disconnect drives (USB and anything that could be used to substract information). - Use a internet filter and disconnect access to several webs and services: no ftp... - Disallow cameras and other devices that can be used as storage. - Be careful with programs like LogMeIn, TeamViewer, RealVNC and others... (they can transmit files). - BE SURE TO HAVE A GOOD BAKCUP PLAN. - Use a keylogger. - Remove admin privileges. - Remove access to Virtual Machines. - Limit access to servers. - Probably a good way to do it is using terminals and not full computers... (display, keyboard, mouse) - ... Almost all the previous options will of course depend on the kind of job you are doing... And all of them come from someone that thought that people was good and nice... Of course till I've seen trusted people sending code snippets to their home computers, removing material from the company, ... People is hard to control and if they have in mind to damage you then you will have a problem. Hope you will find a nice solution for everyone.
[www.tamelectromecanica.com] Robots, CNC and PLC machines for grinding and polishing.
There is another reason for this level of security that way too many companies and managers don't know--you can only protect trade secrets in court if you can demonstrate you actually treated them as trade secrets.
-
- Don't give them a computer. Stone tablets and chisels please. ;P Seriously, the don't give them Admin rights bit is a no, no with developers in my opinion. Regular user, that is OK but we are not regular users.
and the stone tablet chained to the floor with really big locks or containing a proximity detector tied to a self destruct mechanism :-\ and maybe the chisel with a really dull edge so the user cannot hurt anyone else :sigh:
Steve _________________ I C(++) therefore I am
-
If they are a developer and you have them on group licenses, make sure you remove them. A year or so ago, I logged into my MSDN account and was surprised to see it took three years for my previous company to cancel my MSDN license through them! (I'm sure I wasn't the only one.) You also need to check if they have any software and/or hardware at home. Had I not brought it up at one company I left, I would have had a free (albeit rather lame) system. (On the flip side, as the version control guy at several companies, it was my job to clean out old developer systems. One drunk developer a company I worked for fired had done one edit in his last three months and had well over $20,000 of pirated software on his computer--one package being a high end audio editor. I cancelled his checkins and reformatted his computer.)
Good call Joe, I've been on the beneficial end of a forgotten MSDN subscription. Sadly, I haven't convinced the powers that be that I need one of those yet. :(( The "drunk" developer you speak of sounds suspiciously like my old boss. Same situation, he just stopped working one day (fed up with our department's mis-management, he said) and started playing some online RPG. He would drink his lunch and come back hours later completely useless. Luckily, by then we were contracting out to a third party to develop the system and his coding (if you want to call it that) was only making a mess of our corporate phone listings page...
Mike Devenney
-
Your avatar...are those pink roses behind you? They are very pretty regardless. Peace and good will to you my friend. May you live long and prosper.
I believe they're the spring flower you get on a dogwood tree. A close look will reveal some Photoshop work. When I cropped the image there was a piece of wood behind me that looked like it was coming out of my head so I cloning stamped the background a bit. All the best!
Mike Devenney
-
Good call Joe, I've been on the beneficial end of a forgotten MSDN subscription. Sadly, I haven't convinced the powers that be that I need one of those yet. :(( The "drunk" developer you speak of sounds suspiciously like my old boss. Same situation, he just stopped working one day (fed up with our department's mis-management, he said) and started playing some online RPG. He would drink his lunch and come back hours later completely useless. Luckily, by then we were contracting out to a third party to develop the system and his coding (if you want to call it that) was only making a mess of our corporate phone listings page...
Mike Devenney
One person that I know decided to learn Spanish at work and did so for a year before leaving. Management had changed and nobody gave this person any work. So he learned Spanish and then went on a vacation to use it.
Steve Maier
-
One person that I know decided to learn Spanish at work and did so for a year before leaving. Management had changed and nobody gave this person any work. So he learned Spanish and then went on a vacation to use it.
Steve Maier
Haha! Actually, I've been tempted to learn Spanish while making my company's website multilanguage capable. However, I'm usually too tired to focus on that level of learning (Spanish was my worst subject in school).
-
Sourcesafe admin can do that. EDIT ========== 1-voting low-rep retard strikes again...
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass." - Dale Earnhardt, 1997modified on Wednesday, February 9, 2011 1:03 PM
-
Sourcesafe admin can do that. EDIT ========== 1-voting low-rep retard strikes again...
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass." - Dale Earnhardt, 1997modified on Wednesday, February 9, 2011 1:03 PM
What's source safe, svn John.
-
First of all I'm sorry if this offends anyone. I've seen here people saying somethings like that if you can't trust people you should not run a company, that you should not think on removing privileges and that everything should work by it's own without problems... and that if you pay a lot of money then everything is nice and easy... Well, my opinion is that this only happens in hollywood comedies... People some times steal documents and information that can be used to harm or to get a job at the copetitor's house. So this situation is a possible problem. Typically this can't be handled by small companies correctly (and I guess that it can't be done by big ones neither)... You could: - Control what goes in and out of the company using a guard. - Disconnect drives (USB and anything that could be used to substract information). - Use a internet filter and disconnect access to several webs and services: no ftp... - Disallow cameras and other devices that can be used as storage. - Be careful with programs like LogMeIn, TeamViewer, RealVNC and others... (they can transmit files). - BE SURE TO HAVE A GOOD BAKCUP PLAN. - Use a keylogger. - Remove admin privileges. - Remove access to Virtual Machines. - Limit access to servers. - Probably a good way to do it is using terminals and not full computers... (display, keyboard, mouse) - ... Almost all the previous options will of course depend on the kind of job you are doing... And all of them come from someone that thought that people was good and nice... Of course till I've seen trusted people sending code snippets to their home computers, removing material from the company, ... People is hard to control and if they have in mind to damage you then you will have a problem. Hope you will find a nice solution for everyone.
[www.tamelectromecanica.com] Robots, CNC and PLC machines for grinding and polishing.
Joan Murt wrote:
Of course till I've seen trusted people sending code snippets to their home computers
Interesting, I do this all the time, I also send snippets back from home. As the company has a net nazi in place, and some really draconian security, I often do research at home. I don't argue with the security, I work around it with the full knowledge of my boss.
Never underestimate the power of human stupidity RAH