Discussions

When a network administrator puts in his 2-week notice...

Tags:
+
0 Votes
Locked

When a network administrator puts in his 2-week notice...

angry_white_male
... what do you do?

Immediately remove him from service, disable all his access and pay him til his last day?

Trust he won't do anything bad and keep things status quo til his last day?

Quietly monitor everything he does and pull some of his privileges out?

Assume he's already filled his iPod up with everything already he can use against us later on down the road?
  • +
    0 Votes
    Dr Dij

    to:
    be sure you know all the passwords to devices such as routers and root passwords to systems if you don't have other admins for same systems.

    be sure you have working backup tapes

    be sure you have documentation of his day to day procedures both for normal ops and to fix things that break regularly due to load, etc.
    (e.g. we had a router that crashed when too many users and only one net admin knew the 'fix')

    Is there someone else who can work with this guy in last two weeks?

    In an ideal setup you'd have a log device for system activities somewhere else that only the admin of that device could alter (e.g. another server that admin didn't have pwd to) and you could go back to this if anything 'blew up' suddenly.

    I left a company with a paranoid tyrant boss, and got a call a couple weeks later. It was to ask where a file was, which was fairly obvious. I told the guy where the file was and didn't think much of it, tho I wondered why he called.

    I found out months later from someone else who worked there that the system had crashed after I left and they were fishing to see if it sounded like I had anything to do with it. It was a hardware crash which I as a developer couldn't mystimagically create but the guy was paranoid.

    I suppose the answers to your questions could depend on his record and how he's perceived.

    Was he an egotistical dependancy builder who made people dependant on him to fix things because only he knew how and wouldn't show anyone else, or just a normal person?

    I'd consult HR; Did this guy not get any promised raises or bonuses like the guy at the brokerage firm who planted the logic bomb? Has he made any statements about dislike of the company in last couple years? Any major arguments with other depts or people he dislikes?

    +
    0 Votes
    dmckay2003

    I have been in this situation where I was layed off and immediately my email was locked! I wasn't able to send my farewell email even though I had no hard feelings. I was asked for all the passwords for all of the network appliances and gave my boss the admin password to everything. Even if you do have a grudge against a former employer, it seems to me that it would do you more harm than anything to plant a bomb or cause any loss of productivity. You have to remember that even though it's illegal to say something derogative or make a prospective employer feel like this person would be a bad choice it happens all the time in this industry. Why bother to do all the schooling and all the blood sweat and tears that we as systems and network engineers have to endure to get where we are if were going to destroy our career because of a job that didn't work out? Maybe it's just my age and the 20+ years of doing this that has shown me that making stupid moves like sabotage can end up only in a bad way and can never really pay off. Besides, didn't the question state that he gave notice? I would have to beleive that he is just moving on as we all do when we feel stagnant or need a change.

    Just my thoughts>>>>>>>>

    +
    0 Votes
    jc@dshs

    I totally agree.
    I've been the network admin at my current place of employ for 11 years. I have always done a good job, i am trusted by all the staff here,...You get the picture.
    If I decide that financially I can no longer resist the offer of a bigger pay packet (I'm 47, not getting any younger) or a new job with different challenges why would I suddenly overnight turn into the world's biggest security risk? I have always been totally professional in my approach with this company so why should that change all of a sudden?

    +
    0 Votes
    Locrian_Lyric

    ...a person expects others to do what he would do in the same situation.

    +
    0 Votes
    Tony Hopkinson

    If they bin you they expect you to get dischuffed

    If you leave they figure you are dischuffed, they just missed how they managed it.

    Personally I would be very offended at the idea, that I would sabotage something before I left.
    There again I did a departmental switch at one place, and they found it convenient to leave me with my access, 'just in case'

    A month or so later, something went wrong and they rang me up to see what I'd messed about with! Nothing to do with me of course, but I pressured them into removing my old privileges for their cheek.

    So it can work both ways.

    +
    0 Votes
    Locrian_Lyric

    I also had occasion to demand my accounts to be deleted.

    On another note....

    I was laid off from a company in 2001, then went back as a consultant in 2006.

    Some of my accounts were still there.....

    SKEEERY eh?

    +
    0 Votes
    Tony Hopkinson

    Server passwords still the same and sa for the DB....

    Good job I'm honest

    +
    0 Votes
    ananeo

    I recently gave my two weeks notice, but for some reason nobody expects me to go anywhere, boy are they going to be suprised.
    My integrity would not allow me to do something that could ollow me around the industry the rest of my life.
    There lost, not mine.

    +
    0 Votes
    Dr Dij

    some people DON'T think it will follow them around. What with companies afraid to give bad ref to anyone. And not everyoen is good or will do the right thing.. Some good books on insider theft of data also mention how to handle incidents of system and data destruction.

    And I was saying in orig post to evaluate each person. e.g. do they have a history of complaining or disciplinary action, previous threats to quit, layoffs, turned down for promo or bonus, or other reasons to commit destructive acts?

    +
    0 Votes
    ImNotLisa

    that's a scary thought.

    +
    0 Votes
    Locrian_Lyric

    It's human nature.

    by the same token, we have a hard time conceiving of the things we are not inclined to do

    +
    0 Votes
    rsbowman

    That is only the first time. Sometimes managers see people do things that the manager would never conceive of himself doing. He then learns to expect that behavior of others.

    It would be a mistake to judge the manager's character by this law just because he has learned that not all people behave as he would.

    +
    0 Votes
    Locrian_Lyric

    including this one....

    Still, unfounded accusations/suspicions are more representative of proclivity as opposed to experience.

    +
    0 Votes
    ang2006

    Funny I was thinking the exact same thing when I read your post. Could be a case of the pot calling the kettle black.

    +
    0 Votes
    yosef.sheinfil

    Unfortunately, not everyone keeps the law. Life has shown me that although there are many good people, there are some people out there who do "bad things" for self gain or not, which I find puzzling.

    +
    0 Votes
    Big Ole Jack

    From the HR and legal standpoint, the instance you declare your 2 weeks notice, you are pretty much advertising to your employer that you are no longer part of the company and that you are voluntarily asking to be cut off from the payroll. Yes, they could be professional about it and let you work off your final 2 weeks, but those in HR and legal need to set an example and give the appearance that they are "adhering to corporate policy..aka..status quo" by escorting you out of the building and erasing all remnants and traces of you ever having worked for them, excluding your social security number so that they can process your W2 at tax time. If they pick and choose who they want to boot out and who they want to keep, they won't have the opportunity to boot out a malicious employee when the times comes because their status quo will be challenged.

    +
    0 Votes
    tonyackerman

    Not to sound arguementative, but that course of action is irresponsible and puts the company at risk unless the actions I've outlined in my previous post have been taken. This is often the course recommended by groups that truly don't understand the critical path nature of certain types of careers fields and keystone people within an organization that hasn't taken appropriate actions in the beginnng.
    These people are not "cookie cutter" employees and should not be treated with such a cavalier attitude. Unplugging them like this is guarranteed to cause discension in the ranks and create the very situation that you want to avoid.

    Trust and professionalism is expected from both sides of this coin.

    +
    0 Votes
    Dr Dij

    because its happened to us. One employee of a school district my former boss was consulting with started being 'too stressed' to come into work. She was the only one who had the admin pwd to a unix system. She wouldn't give it to anyone. And they had trouble firing her because school district, not private employer.

    Another person (not system admin) wouldn't document any of her job, and erased production templates before she left. We had to scramble and rewrite some of these systems. Kind of our fault too for not backing up her PC and making her write procudures before that.

    +
    0 Votes
    Tony Hopkinson

    of an employee with no documentation on what they did, could do, or have.

    Even if it's not hostile, you are still stuffed.

    Two months wouldn't be enough time to hand over, never mind two weeks.

    +
    0 Votes
    Tony Hopkinson

    on how good your procedures are. If he's a critical, with lot's of secrets, you are SOL.

    Is it an amicable leave?

    If they are good pay the guy, let him go. shift all the passwords, and breathe a little safer.

    Assuming he's going to leave you in the lurch and treating him like that, is pretty much a self fulfilling prophecy though.

    +
    0 Votes
    mjd420nova

    We have in place an exit procedure for just those reasons. It does consist of password and access procedures for all systems and hardware. Company already had serious problems in this manner and started the routine to guard against problems. Also the manager has on record all needed info in the case of major failure or emergency. We had the lead administrator depart regretfully due to a traffic fatality and left things in fine shape but no way to make any changes. Took three weeks to cycle all hardware thru default settings to gain control and reset passwords. I wouldn't wish that kind of **** on anyone but my worst enemy.

    +
    0 Votes
    mcdet

    I guess this is why the change management is the key where everything must go through approval and recorded. Having to say that, not all processes had been followed closely, all the pre-cautionary steps required to undo any harm that might raise in the future.

    +
    0 Votes
    gadgetgirl

    get someone working in parallel with him. Make sure that person takes lots of notes for things that may be needed in future. Also keeps an eye on what he's doing.

    Next, look at his documentation. Make sure it's up to date, readable, followable, and makes sense. If you have time, check it through in a live situation. (I know someone who left a load of micky mouse paperwork, which wasn't checked until a failure and was found to be absolutely useless)

    Don't just check your back ups, check the restores, too. All programs have fads and foibles - you need to know "which way around" the program needs to be done. i.e. should folder creation be done first or last? Seems silly, but some programs crash and die if things are done in the "wrong way".

    By all means, get all his passwords. But, please, quietly check them ALL. I know of a situation where passwords were left; the first six worked, the rest didn't .....

    Pull any privileges he doesn't need on a day to day basis. Gives him less opportunity to place havoc with your systems.

    For goodness sake, take his ipod, and any other devices off him! While he's still in your employ, you have a right (or at least you do here in the UK) to check his personal possessions for data removal. It's probably already gone, but by asking to check them, he'll think twice about using any data he has. If necessary, get him to sign some form of words on paper to legally ensure he can't use/keep IPR/patents on anything related to the company.

    Make sure all his user accounts not having admin access are scheduled to expire the minute he leaves the building.

    And the minute he leaves the building, change all the admin passwords you have on that checked list!

    (Needless to say, double check any that allow VPN/remote access - oh, and look for any programs that allow that too, in case he's left himself a back door.........)

    Let us know how you get on.

    Best of luck - been there, done that, escorted the guy off the premises. You need all the luck you can get!

    PM me if you need more

    GG

    +
    0 Votes
    mailrick

    Disable all his access and pay him til his last day. Just discussed this yesterday in Windows Server 2003, 70-298 class. He shouldn't take it personally - this is just a fact of life/business these days - unfortunately.

    +
    0 Votes
    terryd64

    If you are managing correctly there shouldn't be any hidden secret procedures that nobody knows about.

    Think of the worst case scenario. Your ace administrator doesn't file his two weeks amicably, he gets killed on his commute to or from work. What do you do then? Hold a seance to retrieve that information? Nobody is irreplacable and the sooner your employees know that the better off they and your company will be.

    There should NOT be shared administrative Passwords! These are dangerous and always run the risk of either not getting changed or being very simple.

    There SHOULD be well documented procedures for even the the simplest and most common procedures.

    It is the managers job to ensure these practices are updated and kept secure.

    If the split is amicable, the employee willl enjoy receiving 2 weeks pay for all his effort with the company.

    Last but not least, make sure your employes are aware of this policy up front when you hire them or when the policy is implemented.

    +
    0 Votes
    Inkling

    I put my two weeks in a week ago and fully expected to be shown the door right away.

    They are allowing me to work the remainder of the time, but my feelings wouldn't have been hurt at all.

    It's a small company and I had everything prepared for my manager (SOPs, passwords, anything that would make replacing me easier) just in case.

    My boss and I did talk about it, but he said that he trusted me. The President of the company seemed shocked that I expected that kind of treatment though.

    Either way. If I were the one making the decisions, I would have allowed me to clean my desk out and escorted me out of the building with all my best wishes.

    It's nothing personal. Unfortunately, you have to prepare for the lowest common denominator and treat everyone accordingly to protect the company.

    +
    0 Votes
    feral

    If his departure is amicable and you can only discover that with a thorough debrief then you should not have too much drama I would think.

    During his last two weeks make sure all his daily procedures are documented and you obtain passwords to all systems as suggested.

    Depending on how you intend to fill his shoes, I would hire a contractor from a reputable firm immediately to shadow and learn the role with a possibility of it going to full time.
    Once the contractor is in place then he can assume the role of admin in conjunction with the incumbent and cut over the job. The outgoing admin should be ok with this.

    Make sure the contractor is properly qualified so that he can call it out if he sees something amiss, also brief the guy to bring it quietly to your attention if he suspects mischief then go hard.

    Do not cut his access off unless you are going to terminate him immediately, that would be suicidal to the business especially if you do not have his accesses sorted out.

    If you do for whatever reason need to terminate him immediately be careful, co ordinate this so that as he is walking to the office for his termination have someone capable disable all his access, LAN, WAN and remote and take control and ownership of his profile and data.
    Check that there are no suspicious accounts on servers and disable them if there are and so on.
    Once his access is removed escort him to the office have him pack and escort him offsite, do not let him log in again for any reason.

    +
    0 Votes
    masontony

    I was laid off after an eight month period with a company ,I was paid up for my two week notice and told to leave the laptop ,van keys and anything else .I was then escorted off the premises.This was not a nice feeling and was uncalled for .
    My son also works in IT and when he was attending a course which was out off his own pocket the company let him go .He was also escorted of the building and treated like a criminal .I understand they have to protect them selves but there is no call for this.

    +
    0 Votes
    puchatek2

    Regardless of the sysadmin's reason's for leaving, general character, or relationship with management, you send him/her home, paid to their last day, of course, and immediately disable all their accounts, and change the admin passwords on all admin accounts and any other accounts with elevated privileges. Better to be safe than sorry.

    +
    0 Votes
    angry_white_male

    ... it's nothing personal, but once a network person with all of the admin rights indicates he wants to leave, he becomes a liability. IT security has been my focus for a long time and it's all about mitigating risk. Aside from relocations and following hearts, most resignations aren't because they're happy... most people quit because they don't like their job, boss, salary, co-workers, etc. So there's a little bit of animosity.

    It's nothing personal. No one is accusing anyone of any wrong-doing, but the potential for one last hurrah because what are we gonna do - fire someone who just quit? (and there's plenty of stories out there about this sorta thing). Laws are still iffy at best when it comes to prosecuting these things.

    My goal is to do what's in the best interest of my employer, not someone who's about to walk out the door. His loyalty to me evaporated as soon as the 2-week notice landed on my desk - why should I return the favor? It's business.

    +
    0 Votes
    Big Ole Jack

    It's never good to come off being an a--hole when terminating an employee. Also, there will be less chances of the former employee trying to enact revenge or spiteful behavior if they are terminated in a professional and appropriate manner.

    +
    0 Votes
    sharpj

    When I gave my notice after 10 years, my VP had all my privs removed except basic email send/rcv. Someone else packed my office and i was allowed "limited" access to the 20 bldgs around to say my good-byes, then processed thru HR and given 2 weeks pay. Like they say, it's just good business.

    +
    0 Votes
    hforman

    Who said an employee was being "terminated"? The title reads that the person submitted his two-week notice. This is "self-termination". Everyone seems to be making a LOT of assumptions. The one that the employee wasn't happy was one of these. It may just be that there was some need to "move on". I think each case needs to be taken on it's own merrit if the employee is resigning. Offerring to help with the transition, maybe even giving MORE than 2 weeks, if possible" should relieve the tenseness of the situation. If the employee was going to do something, it would have already been done BEFORE he or she gave notice. As the person leaving, the employee should INSIST that his access be cut prior to his actual departure to protect him from any backlash or false accusations from the company. Usually, it is the management of the company that acts childish in these situations. Rapidly escorting the employee out is not well thought out and tends to backfire. Companies can be bad-mouthed also.

    Now, terminating and employee... that is a different issue.

    +
    0 Votes
    markck

    i can smell you a mile away you little jerk. your one comment said it all, why should i do him any favors? typical management double speak. again, look in the mirror and realize the small, small pathetic man you really are.

    +
    0 Votes
    fixit

    I actually think 'angry' there has a problem understanding that people who are truly good at their jobs put a big piece of themselves into their work. And cant conceptualize the idea that a person might want to do him or his company harm for treating them like less than a person. So I am just thinking he might have gotten himself burned a few times with his winning personality, and is using it to justify treating good people poorly.

    +
    0 Votes
    AstroCreep

    It's obvious you are concerned, but do you <I>really</i> need to be? <br>
    I can understand why you'd want to immediately remove his access to everything, but until you get someone to take over for him (at least in the interim, like a tech ready to 'step-up' or the CIO to focus on the administration side for a while) removing his access to things may cause problems because whenever he needs to do his job function(s), he will need to come to someone in authority to log him in or do a 'Run As'. <br>
    Going back to the 'has he given cause for concern' statement, has he? Does you company make people take a behavioral/psychological questionnaire (a`la PRADCO)? Were there any 'red-flags' that would give cause for concern?<br>
    I'd agree that I'd try and get someone to shadow/work with him. As long as you can do that, go ahead and limit his access and just make him <i>show</i> the other person where to go, what to do, and how to do it.<br>
    Good luck!

    +
    0 Votes
    zodder

    I was in a similar situation, but I was laid off instead of giving my 2 weeks for another job. While the urge for revenge was there, there was no way I was going to put my reputation on the line or do anything destructive to the system. I consider myself a professional and acted as such until my last day. I gave copious notes to management, created a comprehensive password list, and helped the outsourced IT people as much as I could until my last day. While I was pissed off at the circumstances surrounding the lay off, I wanted my legacy to be that of someone who cared, was competent, and was trustworthy. I hope I'm the norm and not the exception.

    +
    0 Votes
    rich.frueh

    This is what I have always done when leaving - I make sure the next person to do my job knows how, and I have all of my access limited to basic functionality, and then shadow them and have them do all of the work for 2 weeks.

    +
    0 Votes
    angry_white_male

    I know he wasn't a happy camper the past couple of months working for me. He would often go around me and to my boss (god forbid I make people earn their paychecks here and follow the rules)... and he even decided he was going to boycott my weekly one-on-one meetings.

    If it were up to me I would have walked him out the door once I got his notice - but I'm just a mid-level manager, not my decision.

    I've already yanked his remote access, and I'm slowly cutting back his admin privileges that won't impact his duties here.

    +
    0 Votes
    Locrian_Lyric

    their's 'not a happy camper' and then there's hostile.

    Give him a new best friend.....

    +
    0 Votes
    Absolutely

    to know how to make friends via strategic choices in enemy-making!

    +
    0 Votes
    Locrian_Lyric

    ended up taking out a director in the process...

    never p*ss off the little guy.

    +
    0 Votes
    Absolutely

    Tell me more. That sounds interesting.

    +
    0 Votes
    Locrian_Lyric

    This guy did CRAZY things... like beating a box fan with a 2/4, WHILE IT WAS RUNNING!!

    He also threw a block of wood at a guy and it missed his head by inches.

    The problem was this was a government job and he was 'in' with the party in power.

    This nut was also trying to get me fired or transferred. I allied myself with his political enemies and thus made enemies of his political allies.

    His enemies were stronger than his allies, and my new allies appreciated having the ammunition to take him out.

    I had pictures of malfeasance. I had evidence of other wrongdoings and I reported an incident against me, with witnesses.

    He immediately tried to get me reassigned, but my new allies blocked him, and banned him from my building. LOL!

    He eventually ended up losing his job, thanks to our efforts.

    And it all started because he wanted to replace me with a political cronie...

    +
    0 Votes
    Big Ole Jack

    Being an owner of my own firm, it's wise to never create enemies with your fellow coworkers or subordinates. There is nothing more sinister than having an employee leave on bad terms and taking all the access password with him/her. Be sure you have everything documented and make sure the usernames and passwords you have do indeed work...don't take anybody's word for it. It is standard practice to escort the person out as soon as notice is given, but if the relationship was good and there was a good level of trust, then you can let this person serve out their final two weeks. In your case, it sounds like this person might resort to malicious behavior, so I'd err on the side of caution and legal liability and boot him out pronto.

    +
    0 Votes
    Dr Dij

    no matter what you do, no matter that your paying them a good wage they think they should have more, no matter that you're the boss they make people dependant on them as they won't show anyone else how to run a process to generate data, etc.

    There's endless bogus reasons to be disgruntled and some will be whatever you do. You can't make friends with them all. You treat them in standard professional fashion and they're still intolerable.

    +
    0 Votes
    Locrian_Lyric

    You can't please everyone, but some of the things *I* have seen go beyond the pale and have in every instance destroyed loyalty and morale among the remaining folks...

    "Gee, did you see what they did to Dave? They took him to lunch and removed him from the system while he was out" (happened to a former coworker)

    "Did you see that, they sent security to his cube, turned off his computer, gave him five minutes to pack up and escorted him out. Not only that, they searched him on the way out" (happened to me)

    After incident #1, a number of folks found other work, and didn't give notice.

    After incident #2, same thing.

    You come down too heavy handed, and you get your remaining employees wondering how THEY will be treated.

    +
    0 Votes
    Dr Dij

    it goes both ways. Contractor I was working with was let go. Contractors have no expecation of notice. My boss told him but not me. A few hours later, boss tells me. I go look at his desk (had left by then) and he had been shredding then trashing listings of stuff he was working on.

    Fortunatly the reason we let him go was because he hadn't done pretty much of anything in all the time he'd been there so wasn't much loss.

    I'm just saying there are stupid companies and stupic employees. And the company can't depend on Karma to keep its systems secure. which reminds me of a gal who drove her mustang around and never locked it.. depended on 'karma' or 'Carma' to keep it from being burgled. Didn't work.

    +
    0 Votes
    Locrian_Lyric

    People who are always professional
    People who are never professional
    People who are swayed by circumstance.

    The first type, you don't have to worry about. The second, you can't stop. The third, you don't want to **** off.

    +
    0 Votes
    Absolutely

    Everybody is "swayed" by circumstance. Some tend more towards professionalism than others. Those that tend away from it intentionally should be identified easily, and never hired -- for anything!

    +
    0 Votes
    Locrian_Lyric

    I am a professional.

    I value my career.

    I will always conduct myself as a professional.

    I will never act unethically towards an employer.

    +
    0 Votes
    mknapp231

    Of course we only hear YOUR side of the story....

    +
    0 Votes
    troylhutchison

    You need to close his account and thank him for his service and show him the door.

    +
    0 Votes
    taboga

    That's what it boils down to, doesn't it? I mean, if anyone would have ever treated me like a criminal suspect after I had done the professional thing by giving an appropriate notice, I would have rescinded it and quit on the spot!

    If an employee is the ONLY person who has access to something, or is the only one who knows the "how to" for something -- that was management's first mistake. A lesson should be learned THERE.

    But if the guy is a professional and is doing the right thing and I already have someone who can step in (if only temporarily) and do his job -- I let him go right away and pay him for the two weeks. Why? Because he is leaving for a REASON. It may be money, it may be he is not satisified with job, future or whatever -- but he's leaving for a reason. And if I am paying him for a two-week vacation before he starts his new job, whatever his reason for leaving was, he will probably leave on good terms and not have a bone to pick with us in the future. And he won't be going around for the next two weeks telling everyone how much he's looking forward to leaving and how the job and/or the company "sucks". We don't need that. And besides, no one really does any WORK in their last two weeks anyway -- so it's not like you're losing anything by letting him go early.

  • +
    0 Votes
    Dr Dij

    to:
    be sure you know all the passwords to devices such as routers and root passwords to systems if you don't have other admins for same systems.

    be sure you have working backup tapes

    be sure you have documentation of his day to day procedures both for normal ops and to fix things that break regularly due to load, etc.
    (e.g. we had a router that crashed when too many users and only one net admin knew the 'fix')

    Is there someone else who can work with this guy in last two weeks?

    In an ideal setup you'd have a log device for system activities somewhere else that only the admin of that device could alter (e.g. another server that admin didn't have pwd to) and you could go back to this if anything 'blew up' suddenly.

    I left a company with a paranoid tyrant boss, and got a call a couple weeks later. It was to ask where a file was, which was fairly obvious. I told the guy where the file was and didn't think much of it, tho I wondered why he called.

    I found out months later from someone else who worked there that the system had crashed after I left and they were fishing to see if it sounded like I had anything to do with it. It was a hardware crash which I as a developer couldn't mystimagically create but the guy was paranoid.

    I suppose the answers to your questions could depend on his record and how he's perceived.

    Was he an egotistical dependancy builder who made people dependant on him to fix things because only he knew how and wouldn't show anyone else, or just a normal person?

    I'd consult HR; Did this guy not get any promised raises or bonuses like the guy at the brokerage firm who planted the logic bomb? Has he made any statements about dislike of the company in last couple years? Any major arguments with other depts or people he dislikes?

    +
    0 Votes
    dmckay2003

    I have been in this situation where I was layed off and immediately my email was locked! I wasn't able to send my farewell email even though I had no hard feelings. I was asked for all the passwords for all of the network appliances and gave my boss the admin password to everything. Even if you do have a grudge against a former employer, it seems to me that it would do you more harm than anything to plant a bomb or cause any loss of productivity. You have to remember that even though it's illegal to say something derogative or make a prospective employer feel like this person would be a bad choice it happens all the time in this industry. Why bother to do all the schooling and all the blood sweat and tears that we as systems and network engineers have to endure to get where we are if were going to destroy our career because of a job that didn't work out? Maybe it's just my age and the 20+ years of doing this that has shown me that making stupid moves like sabotage can end up only in a bad way and can never really pay off. Besides, didn't the question state that he gave notice? I would have to beleive that he is just moving on as we all do when we feel stagnant or need a change.

    Just my thoughts>>>>>>>>

    +
    0 Votes
    jc@dshs

    I totally agree.
    I've been the network admin at my current place of employ for 11 years. I have always done a good job, i am trusted by all the staff here,...You get the picture.
    If I decide that financially I can no longer resist the offer of a bigger pay packet (I'm 47, not getting any younger) or a new job with different challenges why would I suddenly overnight turn into the world's biggest security risk? I have always been totally professional in my approach with this company so why should that change all of a sudden?

    +
    0 Votes
    Locrian_Lyric

    ...a person expects others to do what he would do in the same situation.

    +
    0 Votes
    Tony Hopkinson

    If they bin you they expect you to get dischuffed

    If you leave they figure you are dischuffed, they just missed how they managed it.

    Personally I would be very offended at the idea, that I would sabotage something before I left.
    There again I did a departmental switch at one place, and they found it convenient to leave me with my access, 'just in case'

    A month or so later, something went wrong and they rang me up to see what I'd messed about with! Nothing to do with me of course, but I pressured them into removing my old privileges for their cheek.

    So it can work both ways.

    +
    0 Votes
    Locrian_Lyric

    I also had occasion to demand my accounts to be deleted.

    On another note....

    I was laid off from a company in 2001, then went back as a consultant in 2006.

    Some of my accounts were still there.....

    SKEEERY eh?

    +
    0 Votes
    Tony Hopkinson

    Server passwords still the same and sa for the DB....

    Good job I'm honest

    +
    0 Votes
    ananeo

    I recently gave my two weeks notice, but for some reason nobody expects me to go anywhere, boy are they going to be suprised.
    My integrity would not allow me to do something that could ollow me around the industry the rest of my life.
    There lost, not mine.

    +
    0 Votes
    Dr Dij

    some people DON'T think it will follow them around. What with companies afraid to give bad ref to anyone. And not everyoen is good or will do the right thing.. Some good books on insider theft of data also mention how to handle incidents of system and data destruction.

    And I was saying in orig post to evaluate each person. e.g. do they have a history of complaining or disciplinary action, previous threats to quit, layoffs, turned down for promo or bonus, or other reasons to commit destructive acts?

    +
    0 Votes
    ImNotLisa

    that's a scary thought.

    +
    0 Votes
    Locrian_Lyric

    It's human nature.

    by the same token, we have a hard time conceiving of the things we are not inclined to do

    +
    0 Votes
    rsbowman

    That is only the first time. Sometimes managers see people do things that the manager would never conceive of himself doing. He then learns to expect that behavior of others.

    It would be a mistake to judge the manager's character by this law just because he has learned that not all people behave as he would.

    +
    0 Votes
    Locrian_Lyric

    including this one....

    Still, unfounded accusations/suspicions are more representative of proclivity as opposed to experience.

    +
    0 Votes
    ang2006

    Funny I was thinking the exact same thing when I read your post. Could be a case of the pot calling the kettle black.

    +
    0 Votes
    yosef.sheinfil

    Unfortunately, not everyone keeps the law. Life has shown me that although there are many good people, there are some people out there who do "bad things" for self gain or not, which I find puzzling.

    +
    0 Votes
    Big Ole Jack

    From the HR and legal standpoint, the instance you declare your 2 weeks notice, you are pretty much advertising to your employer that you are no longer part of the company and that you are voluntarily asking to be cut off from the payroll. Yes, they could be professional about it and let you work off your final 2 weeks, but those in HR and legal need to set an example and give the appearance that they are "adhering to corporate policy..aka..status quo" by escorting you out of the building and erasing all remnants and traces of you ever having worked for them, excluding your social security number so that they can process your W2 at tax time. If they pick and choose who they want to boot out and who they want to keep, they won't have the opportunity to boot out a malicious employee when the times comes because their status quo will be challenged.

    +
    0 Votes
    tonyackerman

    Not to sound arguementative, but that course of action is irresponsible and puts the company at risk unless the actions I've outlined in my previous post have been taken. This is often the course recommended by groups that truly don't understand the critical path nature of certain types of careers fields and keystone people within an organization that hasn't taken appropriate actions in the beginnng.
    These people are not "cookie cutter" employees and should not be treated with such a cavalier attitude. Unplugging them like this is guarranteed to cause discension in the ranks and create the very situation that you want to avoid.

    Trust and professionalism is expected from both sides of this coin.

    +
    0 Votes
    Dr Dij

    because its happened to us. One employee of a school district my former boss was consulting with started being 'too stressed' to come into work. She was the only one who had the admin pwd to a unix system. She wouldn't give it to anyone. And they had trouble firing her because school district, not private employer.

    Another person (not system admin) wouldn't document any of her job, and erased production templates before she left. We had to scramble and rewrite some of these systems. Kind of our fault too for not backing up her PC and making her write procudures before that.

    +
    0 Votes
    Tony Hopkinson

    of an employee with no documentation on what they did, could do, or have.

    Even if it's not hostile, you are still stuffed.

    Two months wouldn't be enough time to hand over, never mind two weeks.

    +
    0 Votes
    Tony Hopkinson

    on how good your procedures are. If he's a critical, with lot's of secrets, you are SOL.

    Is it an amicable leave?

    If they are good pay the guy, let him go. shift all the passwords, and breathe a little safer.

    Assuming he's going to leave you in the lurch and treating him like that, is pretty much a self fulfilling prophecy though.

    +
    0 Votes
    mjd420nova

    We have in place an exit procedure for just those reasons. It does consist of password and access procedures for all systems and hardware. Company already had serious problems in this manner and started the routine to guard against problems. Also the manager has on record all needed info in the case of major failure or emergency. We had the lead administrator depart regretfully due to a traffic fatality and left things in fine shape but no way to make any changes. Took three weeks to cycle all hardware thru default settings to gain control and reset passwords. I wouldn't wish that kind of **** on anyone but my worst enemy.

    +
    0 Votes
    mcdet

    I guess this is why the change management is the key where everything must go through approval and recorded. Having to say that, not all processes had been followed closely, all the pre-cautionary steps required to undo any harm that might raise in the future.

    +
    0 Votes
    gadgetgirl

    get someone working in parallel with him. Make sure that person takes lots of notes for things that may be needed in future. Also keeps an eye on what he's doing.

    Next, look at his documentation. Make sure it's up to date, readable, followable, and makes sense. If you have time, check it through in a live situation. (I know someone who left a load of micky mouse paperwork, which wasn't checked until a failure and was found to be absolutely useless)

    Don't just check your back ups, check the restores, too. All programs have fads and foibles - you need to know "which way around" the program needs to be done. i.e. should folder creation be done first or last? Seems silly, but some programs crash and die if things are done in the "wrong way".

    By all means, get all his passwords. But, please, quietly check them ALL. I know of a situation where passwords were left; the first six worked, the rest didn't .....

    Pull any privileges he doesn't need on a day to day basis. Gives him less opportunity to place havoc with your systems.

    For goodness sake, take his ipod, and any other devices off him! While he's still in your employ, you have a right (or at least you do here in the UK) to check his personal possessions for data removal. It's probably already gone, but by asking to check them, he'll think twice about using any data he has. If necessary, get him to sign some form of words on paper to legally ensure he can't use/keep IPR/patents on anything related to the company.

    Make sure all his user accounts not having admin access are scheduled to expire the minute he leaves the building.

    And the minute he leaves the building, change all the admin passwords you have on that checked list!

    (Needless to say, double check any that allow VPN/remote access - oh, and look for any programs that allow that too, in case he's left himself a back door.........)

    Let us know how you get on.

    Best of luck - been there, done that, escorted the guy off the premises. You need all the luck you can get!

    PM me if you need more

    GG

    +
    0 Votes
    mailrick

    Disable all his access and pay him til his last day. Just discussed this yesterday in Windows Server 2003, 70-298 class. He shouldn't take it personally - this is just a fact of life/business these days - unfortunately.

    +
    0 Votes
    terryd64

    If you are managing correctly there shouldn't be any hidden secret procedures that nobody knows about.

    Think of the worst case scenario. Your ace administrator doesn't file his two weeks amicably, he gets killed on his commute to or from work. What do you do then? Hold a seance to retrieve that information? Nobody is irreplacable and the sooner your employees know that the better off they and your company will be.

    There should NOT be shared administrative Passwords! These are dangerous and always run the risk of either not getting changed or being very simple.

    There SHOULD be well documented procedures for even the the simplest and most common procedures.

    It is the managers job to ensure these practices are updated and kept secure.

    If the split is amicable, the employee willl enjoy receiving 2 weeks pay for all his effort with the company.

    Last but not least, make sure your employes are aware of this policy up front when you hire them or when the policy is implemented.

    +
    0 Votes
    Inkling

    I put my two weeks in a week ago and fully expected to be shown the door right away.

    They are allowing me to work the remainder of the time, but my feelings wouldn't have been hurt at all.

    It's a small company and I had everything prepared for my manager (SOPs, passwords, anything that would make replacing me easier) just in case.

    My boss and I did talk about it, but he said that he trusted me. The President of the company seemed shocked that I expected that kind of treatment though.

    Either way. If I were the one making the decisions, I would have allowed me to clean my desk out and escorted me out of the building with all my best wishes.

    It's nothing personal. Unfortunately, you have to prepare for the lowest common denominator and treat everyone accordingly to protect the company.

    +
    0 Votes
    feral

    If his departure is amicable and you can only discover that with a thorough debrief then you should not have too much drama I would think.

    During his last two weeks make sure all his daily procedures are documented and you obtain passwords to all systems as suggested.

    Depending on how you intend to fill his shoes, I would hire a contractor from a reputable firm immediately to shadow and learn the role with a possibility of it going to full time.
    Once the contractor is in place then he can assume the role of admin in conjunction with the incumbent and cut over the job. The outgoing admin should be ok with this.

    Make sure the contractor is properly qualified so that he can call it out if he sees something amiss, also brief the guy to bring it quietly to your attention if he suspects mischief then go hard.

    Do not cut his access off unless you are going to terminate him immediately, that would be suicidal to the business especially if you do not have his accesses sorted out.

    If you do for whatever reason need to terminate him immediately be careful, co ordinate this so that as he is walking to the office for his termination have someone capable disable all his access, LAN, WAN and remote and take control and ownership of his profile and data.
    Check that there are no suspicious accounts on servers and disable them if there are and so on.
    Once his access is removed escort him to the office have him pack and escort him offsite, do not let him log in again for any reason.

    +
    0 Votes
    masontony

    I was laid off after an eight month period with a company ,I was paid up for my two week notice and told to leave the laptop ,van keys and anything else .I was then escorted off the premises.This was not a nice feeling and was uncalled for .
    My son also works in IT and when he was attending a course which was out off his own pocket the company let him go .He was also escorted of the building and treated like a criminal .I understand they have to protect them selves but there is no call for this.

    +
    0 Votes
    puchatek2

    Regardless of the sysadmin's reason's for leaving, general character, or relationship with management, you send him/her home, paid to their last day, of course, and immediately disable all their accounts, and change the admin passwords on all admin accounts and any other accounts with elevated privileges. Better to be safe than sorry.

    +
    0 Votes
    angry_white_male

    ... it's nothing personal, but once a network person with all of the admin rights indicates he wants to leave, he becomes a liability. IT security has been my focus for a long time and it's all about mitigating risk. Aside from relocations and following hearts, most resignations aren't because they're happy... most people quit because they don't like their job, boss, salary, co-workers, etc. So there's a little bit of animosity.

    It's nothing personal. No one is accusing anyone of any wrong-doing, but the potential for one last hurrah because what are we gonna do - fire someone who just quit? (and there's plenty of stories out there about this sorta thing). Laws are still iffy at best when it comes to prosecuting these things.

    My goal is to do what's in the best interest of my employer, not someone who's about to walk out the door. His loyalty to me evaporated as soon as the 2-week notice landed on my desk - why should I return the favor? It's business.

    +
    0 Votes
    Big Ole Jack

    It's never good to come off being an a--hole when terminating an employee. Also, there will be less chances of the former employee trying to enact revenge or spiteful behavior if they are terminated in a professional and appropriate manner.

    +
    0 Votes
    sharpj

    When I gave my notice after 10 years, my VP had all my privs removed except basic email send/rcv. Someone else packed my office and i was allowed "limited" access to the 20 bldgs around to say my good-byes, then processed thru HR and given 2 weeks pay. Like they say, it's just good business.

    +
    0 Votes
    hforman

    Who said an employee was being "terminated"? The title reads that the person submitted his two-week notice. This is "self-termination". Everyone seems to be making a LOT of assumptions. The one that the employee wasn't happy was one of these. It may just be that there was some need to "move on". I think each case needs to be taken on it's own merrit if the employee is resigning. Offerring to help with the transition, maybe even giving MORE than 2 weeks, if possible" should relieve the tenseness of the situation. If the employee was going to do something, it would have already been done BEFORE he or she gave notice. As the person leaving, the employee should INSIST that his access be cut prior to his actual departure to protect him from any backlash or false accusations from the company. Usually, it is the management of the company that acts childish in these situations. Rapidly escorting the employee out is not well thought out and tends to backfire. Companies can be bad-mouthed also.

    Now, terminating and employee... that is a different issue.

    +
    0 Votes
    markck

    i can smell you a mile away you little jerk. your one comment said it all, why should i do him any favors? typical management double speak. again, look in the mirror and realize the small, small pathetic man you really are.

    +
    0 Votes
    fixit

    I actually think 'angry' there has a problem understanding that people who are truly good at their jobs put a big piece of themselves into their work. And cant conceptualize the idea that a person might want to do him or his company harm for treating them like less than a person. So I am just thinking he might have gotten himself burned a few times with his winning personality, and is using it to justify treating good people poorly.

    +
    0 Votes
    AstroCreep

    It's obvious you are concerned, but do you <I>really</i> need to be? <br>
    I can understand why you'd want to immediately remove his access to everything, but until you get someone to take over for him (at least in the interim, like a tech ready to 'step-up' or the CIO to focus on the administration side for a while) removing his access to things may cause problems because whenever he needs to do his job function(s), he will need to come to someone in authority to log him in or do a 'Run As'. <br>
    Going back to the 'has he given cause for concern' statement, has he? Does you company make people take a behavioral/psychological questionnaire (a`la PRADCO)? Were there any 'red-flags' that would give cause for concern?<br>
    I'd agree that I'd try and get someone to shadow/work with him. As long as you can do that, go ahead and limit his access and just make him <i>show</i> the other person where to go, what to do, and how to do it.<br>
    Good luck!

    +
    0 Votes
    zodder

    I was in a similar situation, but I was laid off instead of giving my 2 weeks for another job. While the urge for revenge was there, there was no way I was going to put my reputation on the line or do anything destructive to the system. I consider myself a professional and acted as such until my last day. I gave copious notes to management, created a comprehensive password list, and helped the outsourced IT people as much as I could until my last day. While I was pissed off at the circumstances surrounding the lay off, I wanted my legacy to be that of someone who cared, was competent, and was trustworthy. I hope I'm the norm and not the exception.

    +
    0 Votes
    rich.frueh

    This is what I have always done when leaving - I make sure the next person to do my job knows how, and I have all of my access limited to basic functionality, and then shadow them and have them do all of the work for 2 weeks.

    +
    0 Votes
    angry_white_male

    I know he wasn't a happy camper the past couple of months working for me. He would often go around me and to my boss (god forbid I make people earn their paychecks here and follow the rules)... and he even decided he was going to boycott my weekly one-on-one meetings.

    If it were up to me I would have walked him out the door once I got his notice - but I'm just a mid-level manager, not my decision.

    I've already yanked his remote access, and I'm slowly cutting back his admin privileges that won't impact his duties here.

    +
    0 Votes
    Locrian_Lyric

    their's 'not a happy camper' and then there's hostile.

    Give him a new best friend.....

    +
    0 Votes
    Absolutely

    to know how to make friends via strategic choices in enemy-making!

    +
    0 Votes
    Locrian_Lyric

    ended up taking out a director in the process...

    never p*ss off the little guy.

    +
    0 Votes
    Absolutely

    Tell me more. That sounds interesting.

    +
    0 Votes
    Locrian_Lyric

    This guy did CRAZY things... like beating a box fan with a 2/4, WHILE IT WAS RUNNING!!

    He also threw a block of wood at a guy and it missed his head by inches.

    The problem was this was a government job and he was 'in' with the party in power.

    This nut was also trying to get me fired or transferred. I allied myself with his political enemies and thus made enemies of his political allies.

    His enemies were stronger than his allies, and my new allies appreciated having the ammunition to take him out.

    I had pictures of malfeasance. I had evidence of other wrongdoings and I reported an incident against me, with witnesses.

    He immediately tried to get me reassigned, but my new allies blocked him, and banned him from my building. LOL!

    He eventually ended up losing his job, thanks to our efforts.

    And it all started because he wanted to replace me with a political cronie...

    +
    0 Votes
    Big Ole Jack

    Being an owner of my own firm, it's wise to never create enemies with your fellow coworkers or subordinates. There is nothing more sinister than having an employee leave on bad terms and taking all the access password with him/her. Be sure you have everything documented and make sure the usernames and passwords you have do indeed work...don't take anybody's word for it. It is standard practice to escort the person out as soon as notice is given, but if the relationship was good and there was a good level of trust, then you can let this person serve out their final two weeks. In your case, it sounds like this person might resort to malicious behavior, so I'd err on the side of caution and legal liability and boot him out pronto.

    +
    0 Votes
    Dr Dij

    no matter what you do, no matter that your paying them a good wage they think they should have more, no matter that you're the boss they make people dependant on them as they won't show anyone else how to run a process to generate data, etc.

    There's endless bogus reasons to be disgruntled and some will be whatever you do. You can't make friends with them all. You treat them in standard professional fashion and they're still intolerable.

    +
    0 Votes
    Locrian_Lyric

    You can't please everyone, but some of the things *I* have seen go beyond the pale and have in every instance destroyed loyalty and morale among the remaining folks...

    "Gee, did you see what they did to Dave? They took him to lunch and removed him from the system while he was out" (happened to a former coworker)

    "Did you see that, they sent security to his cube, turned off his computer, gave him five minutes to pack up and escorted him out. Not only that, they searched him on the way out" (happened to me)

    After incident #1, a number of folks found other work, and didn't give notice.

    After incident #2, same thing.

    You come down too heavy handed, and you get your remaining employees wondering how THEY will be treated.

    +
    0 Votes
    Dr Dij

    it goes both ways. Contractor I was working with was let go. Contractors have no expecation of notice. My boss told him but not me. A few hours later, boss tells me. I go look at his desk (had left by then) and he had been shredding then trashing listings of stuff he was working on.

    Fortunatly the reason we let him go was because he hadn't done pretty much of anything in all the time he'd been there so wasn't much loss.

    I'm just saying there are stupid companies and stupic employees. And the company can't depend on Karma to keep its systems secure. which reminds me of a gal who drove her mustang around and never locked it.. depended on 'karma' or 'Carma' to keep it from being burgled. Didn't work.

    +
    0 Votes
    Locrian_Lyric

    People who are always professional
    People who are never professional
    People who are swayed by circumstance.

    The first type, you don't have to worry about. The second, you can't stop. The third, you don't want to **** off.

    +
    0 Votes
    Absolutely

    Everybody is "swayed" by circumstance. Some tend more towards professionalism than others. Those that tend away from it intentionally should be identified easily, and never hired -- for anything!

    +
    0 Votes
    Locrian_Lyric

    I am a professional.

    I value my career.

    I will always conduct myself as a professional.

    I will never act unethically towards an employer.

    +
    0 Votes
    mknapp231

    Of course we only hear YOUR side of the story....

    +
    0 Votes
    troylhutchison

    You need to close his account and thank him for his service and show him the door.

    +
    0 Votes
    taboga

    That's what it boils down to, doesn't it? I mean, if anyone would have ever treated me like a criminal suspect after I had done the professional thing by giving an appropriate notice, I would have rescinded it and quit on the spot!

    If an employee is the ONLY person who has access to something, or is the only one who knows the "how to" for something -- that was management's first mistake. A lesson should be learned THERE.

    But if the guy is a professional and is doing the right thing and I already have someone who can step in (if only temporarily) and do his job -- I let him go right away and pay him for the two weeks. Why? Because he is leaving for a REASON. It may be money, it may be he is not satisified with job, future or whatever -- but he's leaving for a reason. And if I am paying him for a two-week vacation before he starts his new job, whatever his reason for leaving was, he will probably leave on good terms and not have a bone to pick with us in the future. And he won't be going around for the next two weeks telling everyone how much he's looking forward to leaving and how the job and/or the company "sucks". We don't need that. And besides, no one really does any WORK in their last two weeks anyway -- so it's not like you're losing anything by letting him go early.