company eliminate information system access upon termination L a w
Internal IT Security Issues:What VNN didn’t tell you was that, at the same time that this news was breaking, a minor IT security issue developed here at Worldwide Global, Inc. – which, remember, is us. It started when, driven by the discovery of a virus on an employee’s computer, an IT manager conducted an enterprise-wide IT security audit.
What the IT manager found was significant enough to cause our company, Worldwide Global, Inc., to revise its IT access control and general computer use policies. Now managers are required to review the access permissions of all employees and abide by the concept of “least privilege,” where a user should be given only those privileges needed to complete their assigned tasks.
Through the audit, IT security also identifies an active account for an employee who was terminated last month for repeatedly bypassing controls and accessing restricted information on the network. This discovery means that he could still potentially access this account remotely. As a protection and prevention measure, IT security disables the account immediately and a review of the user logs find no activity following the employee’s final day of employment.
It is time for the discussion portion of this inject. In your post, you should focus on the impact that these two developments – the hacktivists and these internal issues – would have on our company’s actions at this point.
- What are the types of actions that a company like ours would expect from government agencies such as DHS?
- What are the types of actions that a government agency like DHS expect a company like ours to take in a situation like this? As you discuss these questions in your discussion post, you may also address the following related questions:
- What does the government expect of private companies in terms of integrating cybersecurity into the life cycle system (i.e., design, procurement, installation, operation and disposal)?
- How can a company ensure that service providers (i.e., vendors) that have access to our systems are following appropriate personnel security procedures and/or practices?
- Who is notified and what steps are followed to ensure this individual’s access to facility and/or equipment has been terminated? What steps are followed from beginning to end?
- Should legal representation be sought and at what point? Who determines if the employee should be held criminally responsible?
- Does the company eliminate information system access upon termination of an individual’s employment?
- Does the company employ a formal sanctions process for personnel failing to comply with information security policies and procedures? If so, has this been communicated to employees and how often?