Ask Slashdot: Dealing With User Resignation From an IT Perspective? 279
New submitter recaptcha writes Today one of my fellow workers has announced he has found another job and will be leaving our company in two weeks' time. This is all above board and there is no disgruntled employee scenario here; he is simply working through his notice period and finishing up some jobs. I have already set some fileserver folders to Read-Only for him and taken a backup of his mailbox in case he empties it on the last day. Which best practices do you follow that will prevent a resigning user from causing any damage (deliberately or not) in these last days of employment before his account is disabled?
Delete stuff. (Score:5, Informative)
Get him to delete anything personal, because chances are his co-workers are going to be asking for access to his files and emails so they can continue whatever work he was in the middle of.
Re:Delete stuff. (Score:4, Funny)
Its working well for secretary clinton
Re: (Score:2, Interesting)
But first make a backup of his computer/files. Because a lot of what people call "personal" isn't. And a lot of what isn't personal they think is unimportant.
Re:Delete stuff. (Score:4, Insightful)
And beyond this... if it's on the company computer, it's on the company's time, and is the company's business. A lot of people forget this and use company systems for personal stuff, but it's still company data, and has been proven to be so in court.
So yeah; back up everything now, and then provide a sanitized version for others to look through as need arises.
The truth is, even if there's something critical in the backup, it's likely that nobody will ever know its there and so have reason to go looking for it. But CYA is always important for IT.
Re: (Score:2)
> ... if it's on the company computer, it's on the company's time
So when I fired up my work laptop at 11 pm to watch a movie on amazon prime while I played videos on my desktop, you are saying that is company time which I should be compensated for? Pretty sure the company would tend to disagree on that, maybe I should ask if they want me to add those hours to my timesheet?
Re: (Score:2)
But if you get the laptop infected with a virus on your personal time usage...do you compensate them for their work to clean it?
Re: (Score:3)
Re:Delete stuff. (Score:4, Insightful)
Likewise, if you resign, it's not your IT department's job to make sure your former teammates don't find out about your "My Little Pony" fan club. If you want to keep that secret from your work, don't use work hardware to do it.
Huh? (Score:3)
That is not at all what the person stated. If the company gives you a car for sales calls and you get busted getting a prostitute (again?) after hours the company has the right to know. Further they can be held liable for all kinds of nice damages since you used their car to get the prostitute. Impound fees you may no longer be able to afford, STD tests because the prostitute accused you of being dirty, pregnancy test for the prostitute, HIV testing if you got saliva on a cop, etc...
Some people have this
Re: (Score:2)
Why would anyone aside from himself need access to his emails? If someone needed to see them, they would have been CCed on them.
Re: (Score:2)
Customers don't CC people when they place an order or report bugs or ask about something that may lead to a big sale later.
Shouldn't this stuff be notated via an actual ticketing system for bugs, or a customer contact management system that everyone has access to, instead of the employee's own email?
Re:Delete stuff. (Score:4, Interesting)
I've never had a particularly bad experience quitting jobs, and the more graceful employers have always left themselves in situations where they can call me up and ask if they need a particular file or piece of knowledge or hire me back on a short term basis to fix a problem.
One employer early in my career even pointed out that my workstation was slated for recycling when I was done with it and let me take it home. Somehow security didn't bat an eyelid when I signed that out and simultaneously handed over my termination documents and badge.
Re: (Score:3)
There are a couple of documents on my work computer, relevant to my work, that are licensed to me personally. Anyone else accessing them is violating the license. I'd say those are personal, although work-related.
Why not let him know what to do (Score:5, Insightful)
Re:Why not let him know what to do (Score:5, Insightful)
Re: (Score:2)
Re: (Score:3)
Moreover, from past experience, there are a significant number of people that resign and provide "proper" notice that have plans to compete against said former employer. The really maniacal ones start about a year before they leave, and shift communications to personal email addresses and phone numbers, and in innocuously start using a Box account for confidential information.
They have also likely copied everything off the servers they might want in the future.
Pretty much everyone that quits feels like the
Why? (Score:3, Insightful)
You have fucking backups right?
What's he going to remove from your access that's critical to you, under that scenario?
Don't bother with all that shit, and if you think he may do something malicious (e.g. send out inappropriate emails, steal the customer database, etc.) then shut him off now and pay him to "work" his last few days out at home.
But putting fileservers on read-only in case he does damage? That just tells me that you have no concept of data resiliency anyway.
Re: (Score:2)
then shut him off now and pay him to "work" his last few days out at home.
Actually, I think that's a good idea anyway, coupled wioth switching off any of his computers: it answers the question of precisely how much the shit will hit the fan when he leaves. It will reveal if there's anything unexpected which is dependent on him which no one has realised, like some cron job running on his machine which does something unexpectedly important and etc.
If it's not the kind of ortanisation where things like that c
Re:Why? (Score:4, Insightful)
Re:Why? (Score:4, Insightful)
Hm good point.
Might be best to have a hybrid strategy of some sort then. I, personally think it's dickish and stupid to freeze out an employee who resigns on good terms with the company: they're no less trustworthy after then before.
So yeah, careful decisions are required. Probably best to play it by ear. It's almost certainly worth disabling his accounts and switching off his computers for at least one day just to see if anything breaks. They can always be re-enabled the next day.
Re: (Score:2)
Far better to spend some time:
Then play any changes to the plan by ear, insuring the primary concerns are always... primary.
Re:Why? (Score:5, Interesting)
We had a person like that, everyone thought she just walked around the office batting her eyelashes to get out of doing work. Then she got let go and all hell broke loose because nobody had any idea she was monitoring logs and jobs for all kind of things through out the enterprise everyday fixing stalled jobs etc... not on her workstation but still. She liked to ask me questions and had me check some of them when she would go on leave so I had an idea we were screwed.
Re:Why? (Score:4, Insightful)
Your comment would have been much more meaningful if you had been able to attempt to express yourself without the expletives. While I mostly agree with the content of your post, it loses credibility since you couldn't get a couple of sentences out without cursing. I am sure you are an intelligent person, but the expletives counter that idea.
Re: (Score:2)
Your comment would have been much more meaningful if you had been able to attempt to express yourself without the expletives. While I mostly agree with the content of your post, it loses credibility since you couldn't get a couple of sentences out without cursing. I am sure you are an intelligent person, but the expletives counter that idea.
I could hardly disagree more. Emphasizing a point with flavorful words is not an indication of less intelligence, or that the idea is less meaningful. There are certainly times and places where such emphasis is inappropriate, but an internet forum is not such a place.
Re:Why? (Score:5, Insightful)
Profanity is a crutch.
Empty platitudes repeated by people who dislike profanity for the sake of feeling good about themselves. Profanity is one of many tools that people can use to express themselves, and it is completely unrelated the strength of the points being argued. The sun is fucking hot, the sky is damn blue, and shit like "profanity is the sign of a weak argument" is ignorant and fallacious.
Re: (Score:3)
I consider use of profanity not to be an indicator of any of the following:
Laziness
Lack of intelligence
Lack of articulation
Lack of class.
Because you can go out of your way to swear. You can swear and make a fool of yourself. And you can swear in sublimely perfect diction. In fact, some of the best writing and insults I've ever witnessed are exactly the latter. Call it the Stephen Fry syndrome.
The indicator is: Is is JUST swearing and no content? Have I used expletives to bulk up an sentence otherwise
Re: (Score:2)
Re: (Score:2)
This!
Even in IT, I have a backup of all email files, and daily backups. Sadly, if I leave, we will have issues. I do control the backups, but so much data has been moved to tape that recovery is possible, even after a lengthy period of time.
User accounts are expected to expire when they expire and there are secondary administrator accounts that set off any IPS flags if they are used. Key administrative accounts are to be controlled anyway and unless you are talking about senior IT, they should have full a
Re: (Score:3)
But putting fileservers on read-only in case he does damage? That just tells me that you have no concept of data resiliency anyway.
If I was working out my last couple of weeks, and IT put their fileservers on read-only for me just in case I decided to act like a dick, I would be deeply offended. And I would walk out of the building and not return.
Re:Why? (Score:5, Insightful)
Malware isn't as targeted as an individual, although I've seen financial records damaged and personal e-mails disseminated by malware. My stint at various companies, contractors, government positions, and private sector jobs has given me a lot of exposure to shit that goes wrong. Even when I had little technical power, I slowly identified ways to leverage the small access I needed, and to gain higher access; access control is idyllic, and information often leaks around a lot due to the need for certain things to be available.
I used to administrate IDS systems and approve firewall requests. In this capacity, I had no ability to do any real damage: every system I interfaced with was handled by an agent, either to install my hardware, to set my network routes, to configure the firewalls, to route span traffic to me, or to shut off ports when I discovered dangerous behavior on the network. I could damage our IDS, but nothing else. By contrast, those administrators each had a massive amount of power: they could sniff network traffic, route it for man-in-the-middle attacks, leak any information they wanted; even I was able to regularly extract administrative network passwords from our traffic, since our IDS ran decryption through our internal certificates and showed me raw attack traffic. I couldn't see your personal gmail account, but I could see the plaintext of your ssh connection to a CISCO switch.
I do work in network security; most mundanes who dabble figure that security is this rock-hard wall of protection, or it's wrong. They often forget the definition of information security, which includes confidentiality, integrity, and accessibility; it is the accessibility that people most forget, demanding confidentiality and integrity while refusing to sacrifice either where accessibility is impacted unacceptably. In my example with the IDS, the IDS must decrypt traffic to search for attacks which may compromise confidentiality or integrity, yet it also reveals passwords to a small group of people who may themselves compromise confidentiality or integrity by using these passwords; this is why HMAC was invented, but it is not always available within a protocol suite.
Re: (Score:2)
If a single person can take down a company - beware what an unsolicited virus/malware can do!
A disgruntled individual with knowledge of the company's business systems can do way more damage than generalized malware could.
Re: (Score:2, Insightful)
Re: (Score:3)
He's leaving willingly. Why be an asshole? It's not like he's being fired.
See my other post "Don't be an asshole". If someone wanted to wreck the house, they'd do it without a resignation letter.
Re: (Score:3)
Well, it may be poorly worded, but I have seen several places which have the blanket policy of not keeping people around for their last two weeks.
They're not quite so confrontational about it, at least not directly ... but the assumption is "you've resigned, we no longer care or trust you".
Some employers treat giving your notice as your last day, even if that means they pay you for that time and don't see you.
Re:If he's sufficiently important... (Score:5, Insightful)
Both accomplish the exact same thing, but one of them doesn't create dicks out of good employees. I mean what's the chance he's going to be productive those two weeks anyway?
Re: (Score:3)
I understand what you're saying, and generally I agree.
But as often as not it is HR who is the ones enforcing the policy of "get him out the door now".
But many many places treat departing employees as liabilities to be removed as quickly as possible.
It can most certainly be the case that HR is the ones who are treating you like a pariah, and acting like dicks. So, good luck with changing that.
Re: (Score:2)
Re: (Score:3)
This is actually a great way to test how an employee's absence will change things. Ask him (or her) to spend a day or two cleaning up their own stuff both physical and digital, then being "on call" the remaining time, checking his corporate e-mail once or twice a day. Have the remaining employees go ahead and start dividing up his work and see where things come to a screeching halt, and sending him questions via e-mail. This way, h
Re: (Score:3)
Gardening leave is usually about having time for someone else to be forced to look at their work and ask questions while they're still around on payroll.
2 weeks notice? Fuggedabouit (Score:2)
Comments like this leaving me wondering why anyone should bother giving two weeks notice. Just tell the company at the end of the day, "I'm leaving and not coming back."
Re:2 weeks notice? Fuggedabouit (Score:4, Insightful)
companies in the US no longer DESEVE 2 weeks notice. the rules are no longer valid; they won't give YOU notice. don't give them any courtesy they won't give you.
there is no loyalty anymore, so why play old games that are no longer valid?
you are a cog. you are just a worker.
just leave on the say you give notice. business is business, tell them you need to do what's best for you and that means leaving today.
they won't give you the same respect they 'expect' from you, so don't give it to them (anymore).
sad that its like this, but IT IS. only newbies and fools have loyalty to companies, now.
Re: (Score:2)
companies in the US no longer DESEVE 2 weeks notice. the rules are no longer valid; they won't give YOU notice. don't give them any courtesy they won't give you.
Most companies do pay a severance package, and it's normally more than 2 weeks' pay.
Re: (Score:2)
In most civilized countries/nations the minimum amount of time for notice is determined by law, and can be extended by contract.
Trying to say: 'I won't come anymore from today/tomorrow on' simply won't work.
Also as others asked or pointed out: not productive the last two weeks? So the ordinary work suddenly changed? I usually implement features or fix other peoples stuff till my last day. I only try to avoid making new code/commits on the last day. (With departing 'party', cakes, meals, drinks for everyone,
Re: (Score:3)
Comments like this leaving me wondering why anyone should bother giving two weeks notice. Just tell the company at the end of the day, "I'm leaving and not coming back."
I've been around the block a few times, and I have many times seen the situation where someone leaves a position and later comes back to work for the same employer. For better or for worse, not giving your 2 weeks is considered "burning the bridge".
Besides, what do you lose by giving 2 weeks? Worst that happens is you get 2 weeks' pay for doing no work.
Re: (Score:2)
In my job they expect 4 weeks notice for IS.
Gives plenty of time to transfer responsibilities. The guy I took over for spent 2 weeks going over everything he did (so I could add most of it to what I do as well...)
Then hung around for 2 weeks more doing documentation and taking laps to talk to people. He planned on a year of do whatever time, which from what I hear has turned into 4 years of it...and a pissed off wife.
Re: (Score:2)
There is no (usually in the USA) law that says when you give notice, the employer cannot fire you immediately without paying.
Of course, when that happens, you can contact the new employer and ask to start immediately. I worked with someone who was called into the office when he was about to give notice. They laid him off and gave him 6 months severance. You could always apply for unemployment for the time you are fired, though generally there is a 1 week waiting period.
Re: (Score:3)
Yeah right. If you were giving notice and you were planning on stealing or sabotaging, would you have not done it already?
I was once laid off. After I was told, I went back to my desk, had some coffee, checked in the code I was working on.
Once I was illegally fired, the company's network had some back doors (not put in by me). If I wanted, I could have wiped every machine in the company, or encrypted the entire hard drive, left them running until all the backups were corrupted, then take them down.
It all d
Don't be an asshole. (Score:5, Insightful)
I've known many people who have tendered resignation letters and are then immediately ostracized by the company, security follows them around everywhere, they're asked to leave the building immediately, etc....
Don't do that. If this person wanted to cause damage, he would do so without announcing his resignation. Take some precautions, but don't treat him like an outsider. He's still an employee during his notice period; treat him like one.
Remember, he's leaving somewhere where he spent a good 1/3rd of his life. Change is not easy, and paranoid asshole-ish behavior makes it 100x as hard. Plus, you want him to be an ally to your company in the future, and not a potential enemy.
Re:Don't be an asshole. (Score:5, Insightful)
Re: (Score:2)
If the employee has never been cause for concern there's no need to be a dick about it, but this is basic risk management. Pat the guy on the back, knock off early and buy everyone a round of beers. But you have to lock him out. Pay him his notice and let him go.
Re: (Score:2)
He's still an employee during his notice period; treat him like one.
Or not, either way is fine.
a) You're leaving for another company but during the notice period while it is our paycheck we expect you to be professional and loyal to your current employer. That means continuing to carry out your job duties to the best of your ability and help transition them to other employees. I'm sure they'll appreciate someone with working knowledge of the system guiding them.
or
b) I'm sure you know it's company policy to immediately terminate all access for leaving staff members, regardle
The correct answer should be "none". (Score:5, Insightful)
Re: (Score:2)
Do it before they put in their notice. (Score:5, Insightful)
Every time I've known I was going to turn in my notice, I end up going through everything and cleaning out any personal stuff and clean up my mailbox before the letter ever gets put in. You never know if you'll be given the opportunity to do that once your notice is in. If there's anything that needs to be saved, it's a good idea to keep a rolling backup of it now on everyone. That way, when someone turns in their notice (whether everything is above board or not), you have everything you need and you're not scrambling to catch it before the employee deletes it.
Re: (Score:2)
Re: (Score:3)
I'll add, you should actually keep the stuff he says is important to hold onto. I've spent a lot of time in the past collecting historical documents and organizing stuff so my employers can retain it after I'm gone. Three times now I've returned to companies where instead of keeping my data they wipe the laptop, delete my email and destroy years of valuable data. I've learned that companies cannot be trusted to keep valuable data and they will often not keep you on long enough to do proper knowledge transfe
Re: (Score:2)
It's very rare that I keep something of value to the rest of my team in my own account. Most projects I work on have common areas on servers where you're supposed to put everything and even a revision control system that holds the master copy of most code and documents. In any case, every user's account should be connected to a backup system anyway so that nothing of value is lost for any reason.
NOTHING - without management approval (Score:2)
You don't change access unless management says so in writing. If you take any action without instruction and screw up (forget to remove access or remove too much) YOU are now in the hotseat.
If there are concerns, the company should revoke access immediately and pays out the notice period.
If there aren't any concerns, why the extra scrutiny now? Any data theft or time bombs have already happened.
Take him out for a beer/whatever and wish him well. Maybe you'll need the contact in the future.
Two weeks pay, take his badge (Score:3)
It isn't like he is going to be productive anyway. Lot's of companies do this, nothing personal. Have a nice little staycation on us.
Remove access ASAP (Score:5, Informative)
Removing access immediately is important for 2 reasons. The first is obviously security. Then 2nd is figuring out what he does & making sure somebody else has that access & knowledge.
If he's still in the office & gets a call or something to fix an issue it will have to get bounced to somebody else. You'll have him available to do knowledge transfer on what he use to have access to do. If he's not in the office, but still getting paid he's still available for knowledge transfer. If he's past his 2 weeks notice, he has 0 obligation to assist you guys or provide any knowledge & training to his former employers.
Whenever I give notice I expect to loose my administrative access pretty much immediately. I've already backed up anything personal. I feel no disrespect when it happens. Seriously? Boho, you are giving me 2 weeks of paid vacation time, cry me a river. It's slightly annoying if I'm still around for those 2 weeks with no privileges to do anything, but I know exactly why they have been removed. Being ostracized is one thing (and not really kosher), but merely having admin credentials revoked should be expected.
As far as a security issue goes, any competent disgruntled sysadmin has already done the done the damage or set the logic bomb before they have given their notice. Still, better safe than sorry.
Re:Remove access ASAP (Score:4, Insightful)
Removing access immediately is important for 2 reasons. The first is obviously security. Then 2nd is figuring out what he does & making sure somebody else has that access & knowledge.
Beat me to it. When I saw "finishing up projects," that immediately raised a red flag. All projects should immediately be turned over to other staff, and the short termer can watch over their shoulders and answer any questions. It may make sense to let them keep email and IM during the time, and maybe even read-only to code to help look up issues. But that's about it.
For me it's not about security of the company. It's security of the person leaving, so that they can't get blamed for breaking something during that time. But the most important thing is knowledge transfer. Two weeks is a very short time to document all the little things that were picked up during their tenure.
My biggest complaint recently has been people leaving without proper knowledge transfer. Even after I emailed managers on that point, and was told to try to stop scheduling meetings with him. "He's too busy." Sigh. Now I'm left picking up the mess he left behind.
Re: (Score:2)
Security is already done or not when the notice goes in... but shutting off access, as the GP pointed out, is done as a simulated test environment. Basically, it's a "What would things be like if he wasn't here?" while he's still around to help out if it turns out something was missed. The alternative is assuming that everyone has a perfect memory and that all systems have been adjusted appropriately, all project migrated properly, and no further questions need to be asked (in which case, why not give hi
Wrong definition (Score:4, Funny)
When I read the subject line, I assumed the definition of resignation to be:
'the acceptance of something undesirable but inevitable.'
This describes the attitude many users have toward the IT department.
This is a always an interesting situation (Score:2, Informative)
Pretty much any company that has to let somebody go (especially if that someone has access to critical files: source code, legal docs, etc)...there is always the "what we do to protect ourselves in case this guys goes nuts and destroys company property?"
First, only a very dumb person would attempt anything like that since that could have criminal implications. There are files that are worth thousands or millions (or whatever the company says). If our guy found a job somewhere else, he has a vested interest
It's a little late for that question. (Score:2)
My experience, personal and seeing others - he packs a box of personal things and goes home, making himself available via phone/personal email for the 2 weeks.
You absolutely need him there to transition the job? Again, poor planning - what would you have done if he had gotten hit by a bus?
Re: (Score:2)
This. We work in IT, not in HR.
If your company is finding itself asking this question, and hasn't got a policy in place ... it's your HR and your management who have dropped the ball.
Depends on what colors you show (Score:2)
A DBA at the same place left about a year after. He didn't make it back to his desk before he was given his boxes.He
Start when you hire the person... (Score:5, Insightful)
. ... etc., etc.).
For example. Be transparent with any equipment lists that document what equipment are in the employee's possession. Share the list at least yearly with the employee so there are no surprises (and the resulting badness) if an employee leaves. There is little else that generates ill feelings than an out of date equipment list for an employee (what do you mean I have to turn in that laptop? I turned it in two years ago. What!?!?! You want me to pay for it?
Provide a great work environment so employees don't want to leave.
Look at what you think concerns you when an employee leaves, and then think about what you should do while the person is an active employee to prevent your concerns from occurring.
Don't solve the problem after it occurs, prevent it from occurring.
Don't try to be a hero (Score:5, Insightful)
You have data backups & resiliency in place as a matter of policy, right?
What's policy (probably HR's responsibility) for this scenario? That's what you do: follow policy, nothing more, nothing less. If there's no policy or procedure, then you do exactly that: nothing.
Don't improvise. This is an HR issue. You have NO idea what legal or other policy minefields you're stepping into. There are only downsides for you.
This is a Business question not an IT question (Score:3)
You could make sure you have plenty of backups. But you should already have them.
Easy. (Score:2)
Shake their hand, tell them (truthfully!) that they will be missed, their work has been valued, you will give them a good reference and pay out their last 2 weeks no problems.
Then IMMEDIATELY close all their access and politely escort them out the door.
It's the only way to be certain and address all risks: It's easier to justify the cost of 2 weeks salary than it is to deal with any fallout from problems. This is the way it's done in large enterprises where they have done risk assessments and looked at
Re: (Score:3)
This is the way it's done in large enterprises where they have done risk assessments and looked at their own history of related problems.
Maybe it is their history of treating their employees like numbers that has caused the related problems in the past.
Re: (Score:2)
Re: (Score:2)
It's a nice thing for the employee
It is also crap for anyone trying to take over the work and it leave the ex-employee feeling bad for leaving friends and co-workers holding the bag with no support.
Re: (Score:2)
You realize the resigning employee knew he was going to resign before management did and could have done anything he wanted back when he was 'a loyal trooper'.
The best story of timebombs I know as back in the 70s. 3 months after an employee left all the delinquent Sears CC bills went out 'Your mother carried your for nine months, We're not your mother. Pay-up dead beat.' They went out like that for months.
They would have sued the programmer. But their payoff rate skyrocketed and they couldn't prove who
Why? (Score:5, Insightful)
Why are you suddenly panicking and treating him like an asshole now he has anounced his resignation?
If he had ever had the intention to Do Bad Things(tm) why don't you think he also had the smarts to plan ahead and do it the day before he quit?
And also.. backing up his email in case he deletes his inbox/sentbox? Are you serious? Why don't you require that this should be deleted when he leaves? Most people do that on leaving just for their own personal security purposes. In fact many compnaies specifically require existing employees to explicitly not keep emails beyond some period. His email may well legitimately include personal stuff such as from HR that he should reasonably expect to be kept private, i.e not archived potentially permanently for perusal by IT staff anytime later.
Backup of his mails? (Score:2)
So you made a backup of his mailbox, NOW as he is leaving?
I hope you make back ups of your source control system more often ...
2 Weeks Vacation?!? (Score:2)
Pretty much every place I've worked in IT(except one...) I literally worked until about the middle of the last day, whereupon my boss and co-workers would take me lunch and drinks, etc;
Here is really bad example:
I was the only IT person at a smallish company(~50 employees) that had three sites, with a NetWare 5 server at each
Re: (Score:2, Funny)
Last time I gave notice and worked 'til the last day people plain forgot that I was leaving.
KISS (Score:2)
If he's smart and malicious, you're already screwed before he ever told you he's leaving.
If he's not smart, you have little to fear, but may get a good laugh out of it.
So, having him delete his personal files (for reasons of courtesy and legal liability) and then backup his work. Part as friends and professionals.
If you wait until they resign... (Score:2)
...then you're just going to be buttfucked by the ones who get up to mischief before they resign. You should have the ability built-in to recover from whatever they do, whenever they do it, because the worst damage is done by the insider you never suspect.
I'm generally in favor of the idea of that once someone submits a resignation, you might as well just tell them they don't need to come in. They can't get anything meaningful done in two weeks anyway and if you "need" them to explain what they do/project
Trust? (Score:2)
Which best practices do you follow that will prevent a resigning user from causing any damage (deliberately or not) in these last days of employment before his account is disabled?
Trust?
HR considerations - they need to be in the loop (Score:2)
First off, backups are the solution to this - don't let important things be stored locally. (Not that it matters, the new hires always like to reinvent the wheel.)
However, a bunch of things need to be solved from an HR perspective. You need to make a checklist for HR on how to handle IT things. Things like, "Get the PIN code to their iPhone" or "Make sure social media accounts have documented passwords" that'll make your life easier.) Basically you have 6 different situations:
We do ... absolutely nothing (Score:5, Insightful)
People start and leave jobs for a variety of reasons. Maybe their spouse got a giant promotion but had to move. Maybe their parents are ailing and they are moving closer to take care of them. Maybe they just want to do something new, or change careers. There's a multitude of perfectly rational and otherwise sane reasons people change jobs.
Why are you even considering treating them like an asshole? If they have given their notice, they should be finishing things up. If there's a project they are working on that will not be completed, they should be working with who is going to take it over to transfer the knowledge. They should likely document anything they did that wasn't documented. So on and so forth. Maybe you go out of a good bye lunch or get a cake to wish them well in their new endeavor. But why treat them like an asshole? Who knows, maybe your firm will start going the wrong way and they will get you on at the new place.
Once they are gone, then you should have a procedure to deactivate the account, delete files, shut off email, have inbound mail forwarded to their old manager, etc.
If you DO think they are going to do stupid things, then they should have been fired a long time ago. But if they are just leaving with proper notice, you likely don't need to do anything special.
Trust Him, or Don't (Score:4, Insightful)
If you trust him, work through his last days as usual, just switch him to hand-over tasks instead of new work.
If you don't trust him, walk him out now and revoke all access.
You're on the right track (Score:2)
1) Make sure access is reduced as much as possible. Immediately pull remote access.
2) Make sure the person documents things and walks through the docs with others to show them how things work.
3) If the person is mostly caught up let them slack, e.g. come in late and go home early. If remote access is pulled then there will be less time for any shenanigans to occur. "Beach time' is an extreme example of this, i.e. and effective 2 paid weeks vacation. But I like to have the person around in case anyone needs
Stay on good terms (Score:2)
One thing to remember (Score:2)
I bring this up any time someone is leaving, and even when I have left places. You should review all access, change all passwords he may have had, revoke all access that he had.....and you do this....as much for his benefit as for yours.
He is leaving, he is naturally the person who is going to be blamed, either directly (he did it) or indirectly (Oh he used to do that, and hes gone now....). Thats normal, and some amount of it is fine. However, you owe it to yourself AND to him to be sure there is no questi
Re: (Score:3)
This is a wonderful why to treat someone you've likely worked with for years, and would put in a good word for you should you be looking for a job in the future.
Seriously? He's resigning willingly. He's not being fired. Don't be an asshole.
Re: (Score:2)
Re:Having security meet him at his desk (Score:5, Insightful)
And it's a terrible way to go about things.
Treating exiting employees like criminals when there's no established reason to doesn't improve workplace security - it just means that the person outside your company with the most current stories about how you operate has a story about how you treated them badly.
You should absolutely be able to revoke people's powers, etc, but that's an "after they've left" step. Any damage you think you're preventing, they've already had the opportunity to do.
Re: (Score:2)
Agree here. Worked at a place where their policy involved treating people like criminals as they went out the door, didn't even get a moment to say goodbye to some people I was friendly with or had the security guy hovering over them like they were going to take a rifle out and start shooting any moment.
It's like others said, if they were going to do something crazy it would probably be before they put in 2 weeks. One guy they took him out for lunch for his birthday then fired him when we got back.
Obviously
Re: (Score:2)
Re:Having security meet him at his desk (Score:5, Insightful)
I worked for a company like that for a while; complete and utter bastards to work for. What that sort of behaviour towards their employees got them was a complete lack of any loyalty whatsoever. Since they were also a bunch of idiots who never planned anything, and always bodged things to run until the next last minute bodge, then however motivated a saboteur might have been, it would have been rather difficult to think up any action which would show up against the background level of incompetence, malevolence and managerial stupidity.
Most people simply got out of the door quickly, and took care never to work for them ever again, figuring that the company would come to an eventual bad end. It did, as things turned out, and the UK law would still like to have a long, comfortable chat with the company directors in the unlikely event of them ever setting foot in the EU again.
My take on easter eggs and sabotage like this is simple: DON'T DO IT! You never know when you might need a reference or a job involving some of the people in that last job, and it helps to have maintained a professional aspect and outlook throughout whatever shenanigans led to your departure. People tend to appreciate that sort of thing, and it also gives you the moral (and legal) high ground subsequently. It also means that you're not forever after worrying about whether the law are after you for unspecified crimes, and if you're the worrying sort like myself, it helps not to give yourself anything much to worry about in future.
Re: (Score:3)
I always think that if a company treats people that way, the company or its management probably did something very bad and are afraid of the consequences. Because a company that treats its co-workers like normal people shouldn't have to act that way. Unless even basic security measures aren't in place. Both are reasons to leave for greener pastures while you can.
Re:Having security meet him at his desk (Score:5, Insightful)
This. Last place I worked, I gave about 3 weeks notice (I said "x day is my last day" essentially) and emphasized in my resignation letter my full intent to continue to be as effective/useful to the company as I could for the full duration of my notice.
A higher-up drove 45 minutes from the head office to greet me on the last day of my notice to thank me personally and shake my hand because HE HAD NEVER SEEN ANYONE ACTUALLY DO THIS BEFORE.
EVERY SINGLE one of my coworkers saw this, mind you. I guarantee it made an impression, because they all couldn't stop talking about it the rest of the day.
When an employee resigns on non-hostile terms, don't treat them badly, instead show them how much you value them. It sets a great example for the remaining employees, and boosts morale across the board.
Shame that job paid so badly, I really liked the people there...
Re: (Score:3)
Re: (Score:3, Funny)
Re: (Score:2)
I remember leaving one company and I was the one who ended up turning the lights out on my last day.
Self-employment's a bitch. ;-)