|
OwlFancier posted:It makes a degree of sense if you have the capacity to singlehandedly wreck the company by annihilating everything on their servers. Oops, I canceled our cloud backup account instead of changing the admins name on it, and clumsy me, ran rm -rf on our storage cluster. My bad! Later!
|
# ? Aug 16, 2015 02:20 |
|
|
# ? Jun 3, 2024 20:18 |
|
When one of the guys in our command center left, his last shift was during the holiday party, and they let him cover that shift by himself.
|
# ? Aug 16, 2015 02:31 |
|
MJP posted:It's been standard practice at any place I've ever worked, save for one. It's more a security measure than anything else. I can understand why they'd want to do it. While I can understand it if you're going to a direct competitor, not letting someone finish up 2 weeks is dumb as hell. Happened at my last MSP job with the guy I partnered with & the retarded panic scramble I saw afterward made me quit a few months later. I was one of 14 engineers the place lost in less than 18 months. Did I also mention it was dropped in my lap to explain to our clients what happened, because our bosses didn't want to? Yeah, gently caress that place & anywhere else that's that petty or stupid. OwlFancier posted:It makes a degree of sense if you have the capacity to singlehandedly wreck the company by annihilating everything on their servers. Any competent company with good IT rules will change passwords & access the day anyone in IT leaves or gets fired. If they don't I have zero sympathy for them losing data because of a disgruntled, mistreated employee. BOOTY-ADE fucked around with this message at 02:52 on Aug 16, 2015 |
# ? Aug 16, 2015 02:43 |
|
It has less I think to do with who you're going to rather than why you're leaving. I would imagine the instances of people being pissed and causing damage out of spite are more common than those of people being hired to commit sabotage by their new employer. If people are leaving due to dissatisfaction, well, that's a good reason for caution. You've essentially said you don't want to work there any more and therefore have minimal commitment to the place after your two weeks is up. So when you say that, they say thankyou for your time, escort you out, revoke your access, and pay you your two weeks severance. It will be harder to train a replacement, but less difficult than dealing with the chance of someone deciding to damage the place on their way out. You're working a fairly high security job, it seems entirely reasonable. OwlFancier fucked around with this message at 02:58 on Aug 16, 2015 |
# ? Aug 16, 2015 02:55 |
|
I've never been told "go home" whenever I left a job. Last place I worked at wanted me to give 4 weeks notice, for some ungodly reason. I gave them 2. Kinda hard to not when I was moving on a specific date.anthonypants posted:When one of the guys in our command center left, his last shift was during the holiday party, and they let him cover that shift by himself. If I were him I'd just walk out.
|
# ? Aug 16, 2015 02:58 |
|
Methylethylaldehyde posted:Oops, I canceled our cloud backup account instead of changing the admins name on it, and clumsy me, ran rm -rf on our storage cluster. My bad! Later! What a wonderful way to ruin any chance at passing an interview with a company that checks references. Sure you can kick somebody out because of security concerns, but you can also offer a letter of recommendation and a solid reference contingent on a good final two weeks. Any half caring person would put in a decent effort and not burn every bridge in sight.
|
# ? Aug 16, 2015 03:06 |
|
A ticket came in on Thursday to disable a consultant's account. A ticket came in on Friday with that consultant unable to log in to VPN. I don't know if he was fired or his contract not renewed or what, but you would think he at least would have know about it? I don't know, I closed the ticket and said the user was no longer with the company.
|
# ? Aug 16, 2015 03:32 |
|
Tab8715 posted:If you get walked out the door after giving your two weeks I can't say I care much for that employer. That should be standard practice for job termination of all employees that have access to sensitive and critical systems. By all means pay them for the two weeks, but I've dealt with post-mortems of "amicable" departures.
|
# ? Aug 16, 2015 04:17 |
|
Honestly, if you have the courtesy to put in two weeks, you could gently caress things up before you gave notice. What's gained then? Firing, sure. Two weeks? Just let me them work it out. Anything valuable they wanted, they already got. Any destruction they wanted to do, they could have (or inserted a time bomb). All shoving them out the door does is cast a pall over the last good interaction you could have had
|
# ? Aug 16, 2015 04:28 |
|
evol262 posted:Honestly, if you have the courtesy to put in two weeks, you could gently caress things up before you gave notice. What's gained then? Firing, sure. Two weeks? Just let me them work it out. Anything valuable they wanted, they already got. Any destruction they wanted to do, they could have (or inserted a time bomb). All shoving them out the door does is cast a pall over the last good interaction you could have had Granted, I'm coming at this from the perspective of Info Sec, and everyone knows we're just there to impeded productivity and create policies for our own sadistic amusement. Just like a lot of things security policies are intended to prevent, the likelihood of it actually happening is low, but I can't blame a company for enforcing those kind of policies. There's always that one time, and "oops, there goes our critical database. And those backups? Just tape after tape of the "/tmp" directory. Guess we're bankrupt now since we can't recover from the impact of this."
|
# ? Aug 16, 2015 04:45 |
|
Methylethylaldehyde posted:Oops, I canceled our cloud backup account instead of changing the admins name on it, and clumsy me, ran rm -rf on our storage cluster. My bad! Later! Its a standard practice for a good reason. Enjoy the vacation, no reason to think worse of the employer.
|
# ? Aug 16, 2015 05:47 |
|
flosofl posted:Granted, I'm coming at this from the perspective of Info Sec, and everyone knows we're just there to impeded productivity and create policies for our own sadistic amusement. I can - because the line you just typed indicates that something like this either HAS happened in the past or there's enough suspicion that it WILL happen. So either (a) company got screwed by an angry ex-employee & never changed/enforced policy properly or (b) management knows that people are pissed off & stressed with how they're treated & a situation could occur, but choose not to change whatever is making people angry. It falls on the people running/managing the company to be competent and actually care enough to make sure the work environment doesn't turn toxic.
|
# ? Aug 16, 2015 06:00 |
|
Ozz81 posted:I can - because the line you just typed indicates that something like this either HAS happened in the past or there's enough suspicion that it WILL happen. So either (a) company got screwed by an angry ex-employee & never changed/enforced policy properly or (b) management knows that people are pissed off & stressed with how they're treated & a situation could occur, but choose not to change whatever is making people angry. It falls on the people running/managing the company to be competent and actually care enough to make sure the work environment doesn't turn toxic. Well, I suppose we won't see eye-to-eye on this. I do agree it's unnecessary for most positions, but for people in key positions it's not a bad idea to have a policy like this place. I think you've created a false dichotomy. A company can have competent and empathetic management philosophies and still have policies in place to mitigate the risk, however minuscule it may be, that may result in the ruination of the company. It's called risk management, and a security policy like this is a low-effort practice to prevent internal threats along with separation of duties, role-based access and mandatory vacation policies for key personnel. It would be irresponsible for a company to not address whatever risks there are to it's smooth operation once those risks are identified. The risk here is "some people are just dicks". These are the kind of people who smile at you, while burying a knife in your gut just because they can. "But why are you hiring and keeping these kind of people?" Because they don't stand out when they are hired. But I suppose we could just make these key personnel take psychiatric personality evaluations every 6 months, but you'll end up alienating many of the kind of employees you want to attract and keep. As part of a risk assessment, there is also a part of it where you draw a line where the cost of mitigation is too disruptive or expensive compared to the risk, and let's keep in mind this is typically a low-probability risk. So it's preferable to implement the low-effort and low-cost methods I mentioned above.
|
# ? Aug 16, 2015 07:14 |
|
Ozz81 posted:I can - because the line you just typed indicates that something like this either HAS happened in the past or there's enough suspicion that it WILL happen. So either (a) company got screwed by an angry ex-employee & never changed/enforced policy properly or (b) management knows that people are pissed off & stressed with how they're treated & a situation could occur, but choose not to change whatever is making people angry. It falls on the people running/managing the company to be competent and actually care enough to make sure the work environment doesn't turn toxic.
|
# ? Aug 16, 2015 07:48 |
|
Migishu posted:I've never been told "go home" whenever I left a job. Last place I worked at wanted me to give 4 weeks notice, for some ungodly reason. I gave them 2. Kinda hard to not when I was moving on a specific date. Interestingly, here in Australia, 4 weeks notice is normal and I've never seen a full-time position with less. Never seen anyone not have that time being used as training for replacements or for documenting things.
|
# ? Aug 16, 2015 08:45 |
|
OwlFancier posted:It makes a degree of sense if you have the capacity to singlehandedly wreck the company by annihilating everything on their servers. It doesn't make sense because you picked the timing of going to a new job, and if you were going to sabotage everything on your way out the door you could have done it then. I mean, I can see specific cases where someone might want to do that to prove their probity to someone else. But I'm not sure that counts as making sense. Ozz81 posted:Any competent company with good IT rules will change passwords & access the day anyone in IT leaves or gets fired. If they don't I have zero sympathy for them losing data because of a disgruntled, mistreated employee. "You need to cut me off from a, b, c, d ..." divabot fucked around with this message at 10:06 on Aug 16, 2015 |
# ? Aug 16, 2015 10:04 |
|
flosofl posted:Granted, I'm coming at this from the perspective of Info Sec, and everyone knows we're just there to impeded productivity and create policies for our own sadistic amusement. Well, I completely understand the necessity and ameliorating factors of RBAC and walkouts after acrimonious termination (including layoffs). I just don't grasp the reasoning behind doing it when there's an otherwise good working relationship, I guess. Not that I mind the free time off.
|
# ? Aug 16, 2015 15:17 |
|
OwlFancier posted:It makes a degree of sense if you have the capacity to singlehandedly wreck the company by annihilating everything on their servers.
|
# ? Aug 16, 2015 16:38 |
|
they can still just as easily do it in their final two weeks jesus what is hard about understanding this
|
# ? Aug 16, 2015 17:30 |
|
Collateral Damage posted:If someone wanted to do that (or steal customer/financial data or whatever) they would do it before handing in their resignation, so getting your knickers in a twist about security after the fact is kind of pointless. Yes, but you can't exactly fire people at random on the basis they may do that, whereas you can cut people off once you have a reason to believe they may be inclined to do that. So long as you receive your pay and an appropriate reference I don't see the issue. You work a secure job, frankly I'd be more worried if I wasn't cut off from sensitive information and equipment after I had told my boss I didn't want to work there any more. It's not a personal insult, it's sensible practice. If it prevents even one person from deciding to be a dick on their last day and causing expensive damage, it's worth doing. Especially as a lot of the people ITT are leaving work because they don't have a good relationship with their employer. While I doubt anybody is unprofessional enough (or professionally reckless enough) to try to cause any damage, certainly the motivation is often there for a less conscientious person. OwlFancier fucked around with this message at 17:41 on Aug 16, 2015 |
# ? Aug 16, 2015 17:35 |
|
evol262 posted:Well, I completely understand the necessity and ameliorating factors of RBAC and walkouts after acrimonious termination (including layoffs). I just don't grasp the reasoning behind doing it when there's an otherwise good working relationship, I guess. Not that I mind the free time off. While I understand your point completely, I think you need to think more about some of the lovely employees that companies get stuck with. I can well imagine the: BOSS: You screwed the pooch big time. You're fir... EMPLOYEE: I quit! BOSS: ...ed. In that case, would you allow them to stay on for an extra 2 weeks? Cause if you walk them to the door immediately, yet you don't do that for employees you like, perhaps you've been running a hostile workplace towards them and this clearly adds weight to their lawsuit against you. What happens if the only one who gets walked to the door is a gay, black, Jewish woman? Fancy fighting a discrimination case?
|
# ? Aug 16, 2015 17:54 |
|
spog posted:While I understand your point completely, I think you need to think more about some of the lovely employees that companies get stuck with. You get a lawyer who walks all over them because, believe it or not, lawsuits (especially non-jury lawsuits) pretty much get decided by the arguments made by the lawyers and how cogent they are. "This was the definition of an acrimonious separation and we were mitigating potential harm, whereas those people who were not escorted handed in a formal letter of resignation which was not presaged by a hostile encounter" Honestly. I've also been the firing boss in this situation, and an alphabet soup of people you think win discrimination lawsuits often (they don't, even when they can argue it, because the burden of proof is high; but that's another discussion) doesn't make a difference. Making people cry at their desks is a hostile work environment. Escorting people who resign as a response do disciplinary action isn't (and FYI: "I quit" as a response to termination doesn't work -- you can be asked to resign as an alternative, but you cannot choose that option in the middle of it if they haven't presented it as a choice). Your entire post is an awful strawman. OwlFancier posted:Yes, but you can't exactly fire people at random on the basis they may do that, whereas you can cut people off once you have a reason to believe they may be inclined to do that. OwlFancier posted:So long as you receive your pay and an appropriate reference I don't see the issue. You work a secure job, frankly I'd be more worried if I wasn't cut off from sensitive information and equipment after I had told my boss I didn't want to work there any more. It's not a personal insult, it's sensible practice. If it prevents even one person from deciding to be a dick on their last day and causing expensive damage, it's worth doing. Especially as a lot of the people ITT are leaving work because they don't have a good relationship with their employer. While I doubt anybody is unprofessional enough (or professionally reckless enough) to try to cause any damage, certainly the motivation is often there for a less conscientious person. As a generalization, less conscientious people do not give reasonable notice, or have already trapped things beforehand. There's a case for long-entrenched staff in a company without (or with) mandatory leave who see the writing on the wall as other departments or younger team members absorb their role and jealously sabotage things to show how valuable they are (by hoping the company will ask them to fix it), but 99/100 cases of walking someone out because they've put in two weeks is just leaving a bad taste in someone's mouth. Back to the contracting talk (a little): lots of contractors know the exact date they'll no longer be employed, as do the companies they're working for. These employees also have the potential to be disgruntled, but are almost never walked out. Why one and not the other?
|
# ? Aug 16, 2015 18:31 |
|
evol262 posted:You get a lawyer who walks all over them because, believe it or not, lawsuits (especially non-jury lawsuits) pretty much get decided by the arguments made by the lawyers and how cogent they are. Pretending a risk doesn't exist won't make it go away. And saying 'A person who would do that would *never* put in a two week notice' is naivety at best. Hell, assuming a person acts in their *own* best interests can be a losing bet. It's impossible to assess every risk to your operations, but it's inexcusable to leave identified ones unaddressed at some level. Ignoring a 1 in a 100 or 1 in a 1000 or 1 in a 10000 event, doesn't make it's impact any less when it does happen.
|
# ? Aug 16, 2015 18:46 |
|
flosofl posted:Pretending a risk doesn't exist won't make it go away. And saying 'A person who would do that would *never* put in a two week notice' is naivety at best. Hell, assuming a person acts in their *own* best interests can be a losing bet. It's impossible to assess every risk to your operations, but it's inexcusable to leave identified ones unaddressed at some level. It's not "they would never" (though it's also not the "well, obviously" being thrown around by some other posters, but I'm not an expert at this at all, and I'm trying to understand the calculation behind it, and why it doesn't also apply to fixed-term contractors (or contractors reaching maximum extension, etc) flosofl posted:Ignoring a 1 in a 100 or 1 in a 1000 or 1 in a 10000 event, doesn't make it's impact any less when it does happen. Well, no. But I don't think that's what I'm asking. I'm asking "why some and not others" and "is the cost to the business of a universal walkout policy worth it versus just walking out employees with enough privileges to cause significant harm?" Or something like that. It's clearly a valuable policy in some places/circumstances, albeit one which hasn't been enforced at any of the companies I've ever worked or contracted for (including 4 financials), I'm just want to understand the business calculus beyond a vague hypothetical risk
|
# ? Aug 16, 2015 19:03 |
|
flosofl posted:Pretending a risk doesn't exist won't make it go away. And saying 'A person who would do that would *never* put in a two week notice' is naivety at best. Hell, assuming a person acts in their *own* best interests can be a losing bet. It's impossible to assess every risk to your operations, but it's inexcusable to leave identified ones unaddressed at some level. The point is that the risk of somebody doing something to damage the company is bigger one day before he gives his two week notice, than one day after. Your whole argument applies to the former risk just as much, if not more. But companies are apparently fine with pretending that doesn't exist at all.
|
# ? Aug 16, 2015 19:08 |
|
Confusion posted:The point is that the risk of somebody doing something to damage the company is bigger one day before he gives his two week notice, than one day after. Your whole argument applies to the former risk just as much, if not more. But companies are apparently fine with pretending that doesn't exist at all. It's more that they can't really do anything, practically or even necessarily legally, about the former.
|
# ? Aug 16, 2015 19:12 |
|
OwlFancier posted:It's more that they can't really do anything, practically or even necessarily legally, about the former. Of course you can. You put rules, procedures and security measures in place so that no single person can ever bring down the company on his own. But in any case, if the measures (or non-measures) are considered good enough for the former (bigger) risk, they ought to be good enough for the latter (smaller) risk.
|
# ? Aug 16, 2015 19:15 |
|
You also have to weigh the relatively small risk of an amicably departing employee deliberately sabotaging something against the loss of institutional knowledge that will occur if you walk him out immediately. If he was one guy of a dozen on the same team doing the same work, the impact would be pretty minimal, but if he's the sole SME on several critical systems and you give him the boot without giving him those two weeks to document and share knowledge, that's definitely going to hurt the company. Really it all comes down to trust. If a company can't trust its employees to behave professionally without the threat of losing their jobs if they do something wrong looming over them, then that company probably has some serious management issues.
|
# ? Aug 16, 2015 19:30 |
|
This conversation has taken a massive turn into territory. dennyk posted:You also have to weigh the relatively small risk of an amicably departing employee deliberately sabotaging something against the loss of institutional knowledge that will occur if you walk him out immediately. If he was one guy of a dozen on the same team doing the same work, the impact would be pretty minimal, but if he's the sole SME on several critical systems and you give him the boot without giving him those two weeks to document and share knowledge, that's definitely going to hurt the company. Exactly and a employee leaving the company doesn't necessarily indicate that trust is eliminated. I've never been walked out but I have put in my two-weeks, quickly trained my replacement, thanked my managers for a awesome opportunity and we both went on our way.
|
# ? Aug 16, 2015 19:52 |
|
If I tell the company I'm leaving, what good is it gonna do to march me out the door? I already knew I'm leaving, if I wanted to do anything malicious I would've prepared it already.
|
# ? Aug 16, 2015 19:59 |
|
This reminds me of some conversations I have had with people not in the industry asking why IT people, particularly sysadmins, should NEVER get 2 weeks notice of a layoff, as is customary with other positions. Why take extra risks with someone who can do an rm -rf / ?
|
# ? Aug 16, 2015 20:21 |
|
MJP posted:Only briefly - I'll be taking the 7:13 out of Union, not sure which one I'll be taking back. PM me at some point if you ever wanna grab a drink or something - plenty of bars that aren't the Blue Comet right up Ferry Street. Every westbound RVL train that originates in Newark departs from track 5. You will get very familiar with it. [/fishmech] I'd be up for grabbing a drink, but doing it in NYC might be a better bet wrt an NYC nerd meet.
|
# ? Aug 16, 2015 21:37 |
|
RFC2324 posted:This reminds me of some conversations I have had with people not in the industry asking why IT people, particularly sysadmins, should NEVER get 2 weeks notice of a layoff, as is customary with other positions. I'm less concerned with a short-timer doing something malicious than with them doing something half-assed because they're going to be gone in a couple weeks. You can come in for that period if you like, but I've got nothing for you to do.
|
# ? Aug 17, 2015 03:29 |
|
Mr. Fix It posted:I'm less concerned with a short-timer doing something malicious than with them doing something half-assed because they're going to be gone in a couple weeks. You can come in for that period if you like, but I've got nothing for you to do. It'd be a waste to just have them doing their normal day-to-day during their notice period anyway. Aside from maybe finishing up an ongoing project or something, they really should be spending those last two weeks documenting stuff and training other staff, or other tasks to prepare for their departure.
|
# ? Aug 17, 2015 04:07 |
|
Summary: I cant get WiFi in the toilet. Description: For the last week the WiFi has not been accessible when in the mens toilets. It is available at my desk but I need it in the toilet.
|
# ? Aug 17, 2015 04:17 |
|
Torlet
|
# ? Aug 17, 2015 04:29 |
|
Laserface posted:Summary: I cant get WiFi in the toilet. Ask him to flush his dns cache
|
# ? Aug 17, 2015 04:33 |
|
When I stopped working a few months ago, I disabled most of my accounts myself on my last day. It was pretty fun.
|
# ? Aug 17, 2015 05:08 |
|
spankmeister posted:Ask him to flush his dns cache
|
# ? Aug 17, 2015 05:48 |
|
|
# ? Jun 3, 2024 20:18 |
|
Rebooted the nearest Wifi AP, closed ticket, now watching web traffic to see what XXXX's iPhone is browsing.
|
# ? Aug 17, 2015 06:00 |