[sclug] Locking down

Jacqui Caren-home jacqui.caren at ntlworld.com
Tue Jun 21 10:19:06 UTC 2011 

On 21/06/2011 08:42, Neil Haughton wrote:
>   A pollicy (we have one anyway) and logging is going to be no use in the
> scenario my seniors are trying to hedge against: that is, the willful and
> secretive absconding with the source code. For example, our policy clearly
> prohibits 'inappropriate' website access, yet a long serving and very
> trusted member of staff was sacked a year or so ago for downloading some
> pretty salacious stuff in his lunchbreaks. Okay, there was no harm to the
> business in that (part from the nasty virus he inadvertently introduced to
> the intranet) but it shows the paradox that you can't be certain that the
> people you trust are trustworthy.

I am not sure the above makes a lot of sense. Employees have value to the business.
A "bit of stupidity" by an employee could lead to dismissal but you say the damage
to the business was negligible. If what he did was illegal then the police shoud have
been called in.

I dislike the "management by fear" handbook - and "making an example of him" is
self defeating in the long term as the sort of staff you want to attract will
start to avoid you, leading to the hire of less and less reliable/loyal staff.

Jacqui

p.s. If you are that worried about theft of code, you should start with the cleaners.
All it takes is a few 20 minute sessions to get into most networks unless you have
draconian security - monitored full site CCTV, physically secured desktop systems,
shielded/caged walls and windows, personal lockers for staff and pat downs etc.

I worked for Cray and thier old building had shielded exterior walls and "gilded"
windows, cctv, physical security (no pat downs but marconi used to selectively pat
down staff) but Cray cleaning staff still managed to crash desktop systems (by
accident I may add).

Also I doubt source code is that valuable - I could probably re-code half the projects
I have worked on the past 15 or so years from scratch - probably better second time around
at much lower cost. Algorithms, concepts and hidden "shortcuts" which are now in staffs
noggins are usually the most valuable things to lose.

More information about the Sclug mailing list