Imagine that you need to fire your network engineer. These guys have the keys to your kingdom – passwords and everything else. How in the world do you keep your business secure?
As much as possible never give one person access to everything. You should not be kept in the dark about things but should know what user names and passwords are (current), know who vendor contacts are and etc.
News Factor writes A study sponsored by the Department of Homeland Security has found that corporate insiders who sabotage computers and networks are motivated mainly by anger against their bosses.
The DHS examined a number of cases involving computer sabotage over the past six years, focusing most intently on why employees felt the need to attack networks, steal data and wreak technological havoc within their companies.
Most attackers were motivated not by financial gain, the study found, but by a sense of revenge against their superiors. The study also noted that most attackers typically worked in technology departments like I.T., and had specific beefs, like getting laid off or missing a promotion. You can get the report here
The report advises Formal policies and procedures for disabling access upon an employee?s termination or resignation should be established and followed.