Many of us, when we move on from a job, have dreams of sending a special message to the management. Whether that’s an especially cutting resignation letter or some sort of memorable parting gesture, we all want to make our mark. And it turns out a former Twitter employee had their 15 (or actually 11) minutes of fame when they deactivated President Trump’s press secretary, I mean Twitter account. And while that’s pretty funny, it highlights how important it is to have good controls around what exiting employees can do.
Probably the most famous case of an employee wreaking havoc in Australia game when Vitek Boden, who was refused a job by the Maroochy Shire hacked into the sewage control system and sent raw sewage into parks and rivers. At the time he was employed by the company that had installed the system.
But today’s news that a Twitter employee deactivated President Trump’s Twitter account was perhaps the best last day “hack” I’ve heard of.
While this all seems pretty funny it does highlight an important issue. Many IT staffers have high levels of access to systems and can carry out all sorts of damage given the motivation and opportunity. That means you need to have processes and procedures in place to ensure staff with lots of access are prevented from doing these sorts of things. Even a practical joke from a long term, trusted employee can have lasting effects on a company’s reputation.
When an employee with elevated access signals their intention to move on, think about how you’ll handle it. Is it safer to simply pay their notice period out and let them leave straight away? Or do you keep them on but remove some of their higher-risk access?
Either way, you should think about what happens during the period before an employee moves on after giving notice.