Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Although unused, not useful (Score 1) 176

Sure, but there are a few differences. For one, a manned plane will have at least one person (the pilot) with a serious interest in it not being one of those that crashes and kills people. Even if his employer is willing to risk it, he has the final say and it's his ass on the line.

The little hobbyist craft are small and light weight, There is a serious limit to the amount of damage they might cause. Not so much for a 50 pound commercial drone.

Comment: Swap (Score 1) 52

by Tablizer (#49382753) Attached to: Mario 64 Remake Receives a DMCA Complaint From Nintendo

Just replace all the objects and sounds with different things. Make Mario a green lumpy alien and replace all the stuff with whacky alien stuff. Name it Blamfoog*.

Flip the image so the green alien is jumping on the ceiling. It's the same gravity rules, just upside down. Nobody would even know it had anything to do with Mario if you don't tell them.

* Sounds like an open-source project name

Comment: Re:Huh? (Score 1) 234

by mysidia (#49382645) Attached to: Ask Slashdot: Dealing With User Resignation From an IT Perspective?

Using a Company network gives the company the right to snoop the traffic and see what you are doing.

It also gives the company the right to dictate what you (the user) are allowed to do with that computer, which is their property.

With a single phone call, the employer can inform at any time they are able to make contact with you (the end user).. even 10pm on a Sunday... they might say please power off the computer immediately, do not press any keys; we have revoked your permission to access the laptop, you are no longer authorized to perform any activities on the laptop, and please return it to our offices at your earliest convenience, tomorrow morning

If you login to it after that point to grab a personal file, or delete some personal files, after that, then you would be committing the crime of unauthorized access to a computer system. So your access to "personal" files could be lost at any point in time, outside your control.

Likewise.... if they hand you a Linux system and tell you that installing software, or changing the operating system is not allowed, and you go format and install Windows 7 on it, or boot it from a Knoppix CD / Boot and Nuke CD / reimage it, or gain access to restricted accounts such as local Administrator (through hacking) to install unapproved software such as a file shredder, then you might be looking at civil or criminal charges for gaining the unauthorized access or the destruction of "personal files".

Comment: Honestly? Cut him a check & send him on vacac (Score 1) 234

by Chas (#49382547) Attached to: Ask Slashdot: Dealing With User Resignation From an IT Perspective?

Seriously.

This option exposes the company to the least amount of possible damage the user could do.
Lock all his accounts down.
Obtain password lists to any external (but still company) resources this person may have had.
Hand him his check.
Thank him for his work.
Watch him clean out his desk.
Escort him out on his 2 week vacation.

People think it's rude and heartless.
I've seen people leave companies on ostensibly "friendly" terms, only to come back and find that said "friend" fucked them over, delete a bunch of stuff, stole things, etc.

So, give the outgoing employee your respect, but DON'T continue to give them access to company resources.
The amount of money lost in "productivity" is inconsequential compared to the time and money that could be lost by someone cleaning you out.

And sure, it's never happened to YOU...until it happens to you.

Comment: Audit don't restrict (Score 1) 234

by mysidia (#49382541) Attached to: Ask Slashdot: Dealing With User Resignation From an IT Perspective?

I have already set some fileserver folders to Read-Only for him and taken a backup of his mailbox in case he empties it on the last day.

Most folks aren't going to be engaged in destructive behavior when they leave ----- especially if moving to a new job. Therefore marking folders 'read-only' shouldn't be the pertinent thing. The greater danger is, they steal information. Not they destroy or corrupt information, which should be backed up anyways. And if they were going to, they probably had all the time they needed already. Why would they engage in the suspicious activity AFTER giving notice; given that they may be able to reasonably expect being released on the spot (for security reasons)? If someone wanted to be naughty..... wouldn't it make more sense to do the naughty things, and then turn in their notice after they had been doing the naughty thing for 6 months in small bite-size pieces unlikely to be noticed, or explainable away in any one instance?

I refer you to IT separation duties:

Even if IT is the custodian of the information, employee's may be able to access sensitive information. Two classic examples are contact lists and contracts. If a salesperson is leaving an organization, it is a time honored tradition to try to leave with the entire customer contact list. Receiving and providing contracts give a clear picture of the revenue and cost structure of an organization. These should be protected not only with digital means, but also with physical security protections.

Perhaps not the best idea.... unless these are permissions he wouldn't notice going away.

I would firmly suggest instead: audit all activity.

You do have file access auditing on your file server, and capture of audit logs to a safe location, right?

You might adjust the auditing parameters for the user to audit all activity, even when normally not all is audited.

Comment: Re:Delete stuff. (Score 1) 234

by mysidia (#49382491) Attached to: Ask Slashdot: Dealing With User Resignation From an IT Perspective?

Get him to delete anything personal, because chances are his co-workers are going to be asking for access to his files and emails so they can continue whatever work he was in the middle of.

No.... IT should have a backup of company computers he has access to, and they should be kept.

Anything deleted, to be done with management approval. Now is not the time to go around willy nilly deleting things.

I realize co-workers are indeed going to be asking for access to files and e-mails. The "personal files" issue, is one of the reasons co-workers should not be given blanket access to his or her files.

If the file was pertinent to the team's work, then it should have been in a shared location, unless it was a private draft they were working on but had not published out yet.

If they didn't need to be shared when (s)he was working, they shouldn't need to be shared when (s)he leaves.

In order to protect the company; management should be reviewing things before deciding if co-workers get to see it.

... though his invention worked superbly -- his theory was a crock of sewage from beginning to end. -- Vernor Vinge, "The Peace War"

Working...