Bunting tripp & Ingley - certified public accounts

Would a former employee sabotage your company?

February 6th, 2012

It used to be that a disgruntled employee might sabotage the company by damaging equipment or stealing important papers. It was clear what needed to be guarded.

But nowadays, the same employee can wreak far more vengeance while sitting quietly at a computer.

New threats call for new precautions. Are your company’s sabotage/prevention procedures keeping up with technology?

Effective management practices

Well-managed companies have fewer disgruntled employees who might seek to harm the company. The following practices will help achieve this aim:

Hire and promote only managers who treat employees respectfully, have good listening skills and don’t always have to be right. Disgruntled employees are often the product of insensitive managers.
Make sure you have an effective grievance procedure that functions fairly and employees don’t suffer retaliation for using it.
Have a comprehensive performance management policy and be sure managers use it properly. Except for cases of gross misconduct, employees should not reach the point of being terminated without knowing that their performance was problematic and what they needed to do to fix it.
Offer terminated employees severance pay and outplacement services. Make these benefits contingent on proper completion of the departure process. That is, the benefits can be revoked for inappropriate actions by the employee.
Conduct terminations with tact and empathy. This is not the time to go into detail about the employee’s poor performance. Give the employee time to respond and ask questions.
Security procedures at time of termination

The steps you take for security at the time of a termination are critical to preventing sabotage. While some of these measures may seem extreme, it is the loophole that may get exploited.

Achieving zero sabotage requires implementing 100 percent security. Here are some recommended practices:

Inform the appropriate IT representative shortly before a pending termination and have that person invalidate the employee’s network access and passwords just as you go into the termination meeting. The employee should not have access to your network after the meeting because it takes only a few minutes to cause serious damage.
If the employee claims to have important personal information on the work computer, have someone from IT, in consultation with the immediate manager, access the system and provide legitimate files to the employee via e-mail or on a CD.
Someone should stay with the employee while belongings are collected and the individual departs the building. If the relationship with the manager has been highly charged, someone neutral from HR can do this.
After the termination, have all remaining employees change their passwords. This should routinely be required about every 90 days, and previous passwords should not be allowed to be used again.
Terminating high-level IT employees

Often, disgruntled employees who commit electronic sabotage are high-level employees in the IT department who have special expertise and access to the company’s systems. This can present serious challenges, especially when no one else on staff has the technological knowledge to disable that person’s access.

The solution is to hire an IT consulting firm to look for and shut down any remote or backdoor access that the employee has created. You may need to conduct the termination meeting off-site so the employee does not get suspicious of the consultant’s presence.

A final general consideration is that you should train all staff on e-security practices on a regular basis. This includes:

Keeping their passwords secret and not writing them down in their work station
Logging out of the network when away from their computer
Creating passwords that are hard to decipher
Not using their network password for any other purpose
If you ensure that your managers have and use good people-management skills, terminating disgruntled employees should be minimized. If you follow the practices outlined above to deny opportunity when terminations occur, electronic sabotage should not be a major problem for your company.

The technical information here is necessarily brief. No final conclusion on these topics should be drawn without further review and consultation. Please be advised that, based on current IRS rules and standards, the advice contained herein is not intended to be used, nor can it be used, for the avoidance of any tax penalty assessed by the IRS.

© 2012, CPAmerica International. All Rights Reserved.