Valrene Mae Schilke is every IT manager’s worst nightmare. A trusted CFO friend of mine recently forwarded an alert newsletter
from the law firm Kirkpatrick & Lockhart Nicholson Graham (K&LNG) outlining a legal case involving Ms. Schilke, and the details sent chills down my spine. Just a few weeks ago, the Michigan
Court of Appeals considered an appeal on her “unauthorized use of a computer” conviction, which was the result of an employment termination that went wrong.
As a “technical analyst,” Schilke had the highest level of administrative access to key systems, which allowed her to add
and delete files and change user permissions, among other superuser privileges. Her company had also provided her with VPN
access to the corporate network. When her company decided to fire her, her supervisor and the HR director approached her desk
to notify her. On hearing the bad news, she began typing on her computer and refused to stop. The HR director and supervisor
left to find someone to disconnect her computer, but they came back to a worse situation: a barricaded office.
Getting Schilke to leave the premises eventually required a call to the police, but the damage was done. To make matters worse,
Schilke had changed the superuser password that would allow others to terminate her access to the network, so she continued
her malicious actions via VPN from home. In the end, her employer estimated losses of almost $60,000 in revenue and system
restoration expenses as a result of Schilke’s actions.
Having been through the unpleasantness of terminations myself, I have a few tactical pointers for IT managers in touchy situations
like the one mentioned above. Although you often can’t avoid the anger of an employee who has just been terminated, you can
protect your company against potential IT damage. To do this, IT managers have to maintain strong relationships with the HR
department and make sure part of the termination process includes notifying the appropriate IT operations staff so they can
jointly plan with HR and rehearse the termination of IT privileges. When planning, HR and IT must consider worst-case scenarios
and outline the specific steps required to avoid them.
In Schilke’s case, she was an IT employee with unique superuser access to key systems, a situation that presents serious logistical
challenges, demanding more than one trusted IT staffer with superuser privileges, plus the ability to terminate those privileges.
More importantly, that staffer needs to be able to take the necessary steps to terminate privileges within a few minutes --
or faster if at all possible.
I had to terminate someone with privileges like Schilke’s once, and although it was nerve-wracking, the coordination with
HR and the rehearsal with my trusted IT superuser paid off. I asked the trusted IT staffer to log in as superuser to all key
systems before I called the employee into my office. As soon as he saw the employee moving toward my office, he was to run
a preprogrammed script to kill the employee’s log-in shells and begin changing passwords. For further safety, I asked my trusted
IT staffer to disconnect the employee’s cube from the network in the patch panel. In the end, the terminated employee slammed
his telephone handset on his desk and broke it, but we were spared further damage. A damaged phone is a lot better than $60,000.
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...
