As soon as I am notified that someone is no longer with the company, I start monitoring the use of their sign-on to see if ANYONE ELSE appears to be using it (due to how new people get trained, and the trainers not ask for a sign on for the new person) we have a lot of people using someone else sign on until IT is told what kind of security the new person going to need.), and if it stopped being used, then I deactivate the sign-on, so it exists, but cannot be signed on.
Then I review what they own, and can that be easily re-assigned, or deleted 
(like messages and audit trail reports).
It is pretty rare that I find someone owning stuff in violation of how we 
have our security setup.
I do not delete gone people right away because invariably in a few months, 
we will have a new person & I will be told to make the security on person X 
the same as former employee Y, which can be difficult to implement if I 
have deleted employee Y.  We have application security setup in addition to 
400 security, and you can't update that on a user profile who has been 
killed from 400.  I do have reports to list what people are connected to in 
the application security (which is stored several places) to help with 
cleaning it up.
I have shown some co-workers how to do this, but since they rarely have 
occasion to do it, I suspect that if the time comes, they may have forgot 
and have to call tech support for guidance.
I think perhaps there should be some memos in wherever the company has a 
personnel file on me.  In the event of my death or other sudden departure:
1. Computer Security stuff that someone needs to be aware of.
2. Extracting off-site backup from where I have it stashed.
3. Key places for inexpensive but high quality tech support.
I also need to update "who to call" in case of a medical or lesser emergency, and what my allergies are.
One hassle has been in redoing SBMJOB and JOBSCDE tasks to a new user.  We 
now have a bunch owned by a former employee, who amounts to being a PHANTOM 
user who generates all these nice reports for people who know they can go 
to "her spool file" to get what they need, but no one can sign on as the 
Phantom.  There's stuff that was setup by former IT specialists that no one 
today understands.
Our IT manager is leaving after 18 years; needless to say she owns almost everything on the system.
I am IT manager and own very little, because SSA (BPCS insecurity group 
profile system) owns most everything.
You need to have a policy procedure to prevent this with future people.

Does anyone have recommendations whether to:
a)change ownership to the new IT manager
b)create a IT group profile and set it as the owner
c)change ownership to qdftown
d)your recommendation is...

Thanks Bill Hunter
-
Al Macintyre  http://www.ryze.com/go/Al9Mac
BPCS/400 Computer Janitor ... see
http://radio.weblogs.com/0107846/stories/2002/11/08/bpcsDocSources.html

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact copyright@midrange.com.

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.