Section 7.3 Accounts Policy

   


[Image: danger-level icon (graphics/fivedangerlevel.gif)]

The obvious should be stated and followed, namely:

  • A user shall not tell his password to anyone except possibly the SysAdmin, not even management. If anyone asks a user for his password, the user is required to notify the SysAdmin immediately.

  • Company systems may not be used for side businesses. (Some companies might allow this if it does not impact the company and it is on the employee's time.)

  • The computer may be used for some personal matters, such as finance, some surfing, and the occasional letter, but excessive use will be grounds for dismissal "for goofing off."

  • When a manager fires an employee (or possibly terminates a consultant's contract), a SysAdmin must be notified in time to turn off the employee's account and disconnect any "personal" system from the network. Typically, word is received as the employee is called into the meeting. Policy should require the SysAdmin to deactivate the account at that time. A similar policy should be followed when an employee resigns, though time is not of the essence because the employee already would have done any damage that he might have been contemplating. As a courtesy, many companies will forward an ex-employee's e-mail address to a new address of the person's choosing.

    There is nothing wrong with this unless there is a danger that clients and others will contact the ex-employee and be led to his new company, causing your company to lose that business. If the person's e-mail is forwarded to his new address, do take the e-mail address off any confidential company mailing lists. (If it is not forwarded, make the mailbox nonwritable or otherwise prevent it from receiving e-mail, so that the mailbox will not fill up with e-mail from mailing lists and the resulting bounced e-mail will cause most mailing lists to drop the address from the list.) It also is a courtesy to allow the now ex-employee to copy personal data off the computer, though certainly not an obligation. If allowed, either the person's manager or a SysAdmin should ensure that confidential company data, such as customer lists, employee names, and engineering data, is not also copied.

When an employee or consultant leaves, or a business relationship is terminated, data in many areas needs to be updated. Some of these places are listed here.

  1. System logins (passwords)

  2. Network logins (dial-in, PPP, etc.)

  3. Other systems, including mainframes and lab machines

  4. E-mail forwarding, mailing lists, existing e-mail

  5. Directories

  6. Voice mail

  7. VPN access

  8. Firewall rules

  9. Access badges and parking access



       


    Real World Linux Security Prentice Hall Ptr Open Source Technology Series
    Year: 2002
    Pages: 260
