Change passwords in as many places as applicable. Things may be amicable right now -- circumstances change, the employee may become disgruntled later. Or someone may try to use social engineering and/or impersonate that person.

Even if the only way into the innards of your operation is through a VPN connection they will no longer have access to, you should still change passwords on essential accounts -- those that would cause you the most harm if they became inaccessible or broken. Ditto for any public spaces that are not controlled by Corporate IT -- GitHub, company Facebook page, whatever. The higher up the ladder this person is, the larger the list of places you should be making sure are inaccessible after they leave.

The routine of changing passwords on this scale should be one that is well documented and regularly performed regardless of human turn-over.

So what happens when you drop a grain of it into a bottle of Coke...

I'm a Rogers customer out of Ontario with a wifi-capable cell phone. Reception in my neck of the woods sucks. However, my phone (a Blackberry Curve) has built-in wifi and supports UMA. For $5 / month extra, I can piggyback my calls over broadband internet and they simply get billed against my minutes. I can use this with any wifi hotspot in Ontario (and probably in Canada).

Pros: no hassles with GPS, placing equipment near windows; portability (don't have to take a microcell with me); cost

Cons: used to be a free service, but is not anymore; a UMA-compatible handset is required to leverage this