Boy this is a hard one to swallow.
While running an after hours audit of users systems we found a user machine that was running an application called LC3; which is a tool used for sniffing a network for account names and passwords then cracking said passwords with, up to, brute force ability.
Needless to say, I and the other member of the IT staff were floored at such a brass attempt to compromise internal security. What made it worse is that it was being done by an executive of the company (VP of Sales).
All of the IT department (all two of us) and the HR manager gathered as much information as we could. We read through the Company Security Policy (thankfully it was recently updated), we poured over the documentation for LC3 tomake sure it didn?t have any other uses. We found the logs from where he downloaded the application (from his son?s website, a known hacker), we documented when he installed it and how long it was running (three days on brute force mode). The CEO even involved the company attorney for this matter. And after a two week hiatus and another week sitting on the decision the CEO has decided to do nothing more than slap the hands of the VP, requiring him to sign papers ?claiming this is his last chance,? and tightening security on his workstation.
Here?s my dilemma: Is this right? From everything I?ve ever read in regards to situations like this the employee is terminated on the spot and walked out the building. Also, what?s the likelihood of the employee trying it again?
Any feedback would be greatly appreciated.