Question

Susan was recently fired from her executive IT position. You have concerns that she has enough knowledge and expertise to sabotage company documents—and you need to delete her access. However, upon beginning, you find information that should be retained in her user directory for future company needs. Consider the process you would take to ensure that Susan no longer has access and that data is retained. In situations like this, do you think the benefits outweigh the risks enough to retain user information? Why or why not?

Answer 1

A

To ensure that Susan no longer has access without erasing her files I'll take the following steps:

1. I'll create a new group and and name it Retired and make sure it has no user privileges at all.
2. Next step is to move Susan's profile to the Retired group. This is ensure that she does not have rights or access to any other user groups.

B

The benefits that accrue to retaining her information will depend on the value of information that her account possesses. As the former executive IT personnel, this is most likely the case.

In the long run, the safest thing to do might be to just back up all information she created and had access to to a remote storage or data warehouse.

Cheers!