Be Careful When You Sack an IT Employee

Sacking an employee is extremely easy. All you need is just to hand over a piece of letter sealed with a nice white envelope to the victim and tell them to collect their paycheck from the Human Resource Department. It is pretty self explanatory after that as no further explanation is required. The guy (let’s take guy as an example) will get a nice paper box to pack up all their belongings and wait for  the security to check the things that they are going to take. As soon as the guy walk out of the front door, the case is close and nobody will talk about him anymore except for the gals will start to gossip about him from head to toe regardless he is a cute looking boy or not.

Well, that’s for normal employee. They won’t do anything further but just to quickly grab a copy of newspaper and start looking at the classified sections. If you sack an IT people, I don’t think the same thing will happen unless he had a great commitment to commit. Usually, IT people does not hurry for their next job somehow. Probably the world needs too many engineers until they are not scared that they will not get a job in this field. As a result, they will tend to do something stupid when they suddenly have additional 9 hours in their life to spend.

Previously, there was a case where a sacked IT employee hacks into the company network and somehow managed to replaced all the CEO’s presentation materials with adult materials. That was like two months ago and we thought the world had learned this lesson that we should not allow this to happen anymore. This might happen to most employers but definitely not Shionogi Inc. They had recently fired a senior IT manager, Cornish who successfully hacked into the company and caused a serious damage to the company.

It was not as easy as ABC as Cornish took up to 20 attempts to hack into Shionogi’s network where he finally did it and secretly installed a VMWare vSphere management console software. On one fine day, Cornish went to a McDonald Restaurant and made a purchase probably a meal of $4.98 with his credit card. Five minutes after that transaction, he logged into the Shionogi’s network via the McDonald free WiFi and begin to delete the contents of 15 virtual servers which are equivalent to 88 actual servers.

The company’s infrastructure was badly damage at that time as every IT infrastructure of the company was downed including the email server, BlackBerry server, order tracking server and financial management software. It was so bad until the company was unable to ship out products and send emails for days. As a result, the company suffered a total of $800,000 USD.  FBI managed to tracked the activity came from the McDonald’s WiFi where Cornish had his credit card swiped and he finally pleaded guilty for his act. He now faced a sentence of 10 years in prison and starting from November.

The moral of this true story is that employers should ensure that all their employees who leave the company should have every little details removed from the IT network. Be it the Active Directory account, VPN account, Remote Access account or even the door access account should all be removed once the employee left. People who left an organization sometimes have the intention to try and login back into their previous company even for fun. So why not erase everything and stop them completely from even having the chance to login back into the company?

Don’t forget to join the Subscribe, Share and Win Contest which will end by the 28th of August 2011.

Build Your Own Security
Subscribe to my newsletter and get a copy of my eBook for free.
We hate spam just as much as you

Related posts:

  1. Zeus is Up For Sale?
  2. The Conclusion to Malaysia Government Hacked
  3. Sony Data Breach Coming to the End?
About Alan Tay

This blog is owned and operated by myMediaInc. My Media operates content based online portals for IT professionals, technology managers and decision makers as well as business leaders. We publish original quality content focused in Software Development, IT Security, SaaS, Cloud Computing, Outsourcing, Project Management and Mobile and Wireless. Our mission is to explore how to help you optimize your resources in each of these areas.

Find us here IT Security Column.

Speak Your Mind

*

CommentLuv badge
This blog uses premium CommentLuv which allows you to put your keywords with your name if you have had 3 approved comments. Use your real name and then @ your keywords (maximum of 3)