× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. October 2005

Re: chgobjown

As soon as I am notified that someone is no longer with the company, I start monitoring the use of their sign-on to see if ANYONE ELSE appears to be using it (due to how new people get trained, and the trainers not ask for a sign on for the new person) we have a lot of people using someone else sign on until IT is told what kind of security the new person going to need.), and if it stopped being used, then I deactivate the sign-on, so it exists, but cannot be signed on.
Then I review what they own, and can that be easily re-assigned, or deleted (like messages and audit trail reports). It is pretty rare that I find someone owning stuff in violation of how we have our security setup.
I do not delete gone people right away because invariably in a few months, we will have a new person & I will be told to make the security on person X the same as former employee Y, which can be difficult to implement if I have deleted employee Y. We have application security setup in addition to 400 security, and you can't update that on a user profile who has been killed from 400. I do have reports to list what people are connected to in the application security (which is stored several places) to help with cleaning it up.
I have shown some co-workers how to do this, but since they rarely have occasion to do it, I suspect that if the time comes, they may have forgot and have to call tech support for guidance.
I think perhaps there should be some memos in wherever the company has a personnel file on me. In the event of my death or other sudden departure: 
1. Computer Security stuff that someone needs to be aware of.
2. Extracting off-site backup from where I have it stashed.
3. Key places for inexpensive but high quality tech support.
I also need to update "who to call" in case of a medical or lesser emergency, and what my allergies are.
One hassle has been in redoing SBMJOB and JOBSCDE tasks to a new user. We now have a bunch owned by a former employee, who amounts to being a PHANTOM user who generates all these nice reports for people who know they can go to "her spool file" to get what they need, but no one can sign on as the Phantom. There's stuff that was setup by former IT specialists that no one today understands.
Our IT manager is leaving after 18 years; needless to say she owns almost everything on the system.
I am IT manager and own very little, because SSA (BPCS insecurity group profile system) owns most everything. 

You need to have a policy procedure to prevent this with future people.


Does anyone have recommendations whether to:
a)change ownership to the new IT manager
b)create a IT group profile and set it as the owner
c)change ownership to qdftown
d)your recommendation is...

Thanks Bill Hunter


-
Al Macintyre  http://www.ryze.com/go/Al9Mac
BPCS/400 Computer Janitor ... see
http://radio.weblogs.com/0107846/stories/2002/11/08/bpcsDocSources.html

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.