4.20.2009

Guard computers vs. disgruntled, laid-off employees

There are good words of wisdom in this story, sent to me by a PR person. This is a copy/paste job.

Businesses Affected by Recession Should Guard Against Computer Havoc by Disgruntled Laid-Off Employees

Gary Kessler, a nationally recognized computer security expert and director of the master’s program in digital investigation management at Champlain College in Burlington, Vt. says that in a recession, small businesses are especially vulnerable to computer havoc by laid-off employees, and should take steps to prevent such situations.

If they don’t take action, says Kessler, they could find data files altered or destroyed, hidden logic bombs set to wreak computer havoc on a certain date and other costly computer mischief.

“Large corporations have policies, procedures and staffs to deal with this kind of situation,” Kessler says. “But small companies often are run like families, which leaves them susceptible because they don’t feel their employees would undermine them. But often when someone is laid off, through no fault of their own, they become angry and do things impulsively that they later regret.” Among Kessler’s suggested precautions:

• In a large company, a laid off employee’s computer sometimes is seized, or someone it waiting at his or her desk to collect keys and other items. They also usually change passwords and access to sensitive files. Small businesses should attempt follow similar procedures.

• The small business should consider asking the laid-off to leave immediately, perhaps with a month’s severance, so they can begin looking for a new job. This also allows the company to begin blocking access to computer files by the former employee.


• Treat information as if you do run a large corporation, assessing who should have access to what files, monitoring that access, and developing policies that will protect your business.


• Consult with your local small business administration office about computer security policies and procedures, especially as they relate to laid-off or fired employees.


Kessler is a member of the High Technology Crime Investigation Association (HTCIA) and frequent speaker at HTCIA events; he is also a technical consultant to the Vermont Internet Crimes Against Children (ICAC) Task Force, a member of the editorial board of the Journal of Digital Forensic Practice, and a principal in GKS Digital Services, LLC (http://www.gksdigitalservices.com).

2 comments:

Paul N. Leroux said...

Interesting statement: "But often when someone is laid off, through no fault of their own, they become angry and do things impulsively that they later regret.”

So if I do something bad because I get angry, it's not my fault? I don't think I want to be excused that easily for any bad behavior I may engage in. Sets a bad precedent. :-)

Paul N. Leroux said...

Re-reading the article, I now realize the author probably intended the phrase "through no fault of their own" to modify "when someone is laid off". Oops. :-)

About Me

My Photo
Co-founder and editorial director of BZ Media, which publishes SD Times, the leading magazine for the software development industry. Founder of SPTechCon: The SharePoint Technology Conference, AnDevCon: The Android Developer Conference, and Big Data TechCon. Also president and principal analyst of Camden Associates, an IT consulting and analyst firm.