Fired Employee Makes Unauthorized Changes to Company Website and How to Prevent this From Happening to Your Company
A former employee vandalized the website of his former employer according to a report of the West Bloomfield Beacon. The police were told that the ex-employee was fired July 6 and he allegedly made unauthorized changes to prices and instructor names on the company website. The business owner believes the ex-employee of using old login names to access the company website.
Unfortunately, incidents like this are not isolated. For example, a federal grand jury recently indicted a former employee of the Transportation Security Administration (TSA) for trying to corrupt a database of terrorism suspects in an inside job that many within the information security industry say is a stark reminder of how important it is to track insider access to sensitive data stores. (click here for the full story). This individual planted a virus in his employer’s computer system after learning that he would be fired from his job.
Employers have a number of tools available to pursue rogue individuals who would do harm their business organizations harm. I’ve written about the Computer Fraud and Abuse Act as one such tool (See the Michigan Manufacturing Association’s Insight magazine), for example.
Preventing Digital Sabotage
More importantly, there are a number of steps employers can take before such conduct happens. In fact, employers should have a checklist to follow when an individual is terminated that covers the cancellation of all IT access and related passwords. For a copy of an expansive employee termination checklist, contact me here. Also, I would appreciate hearing about any other measures or best practices that you think should be included on this list. Thanks.