Termination and Use of Passwords

mm in LAmm in LA 12 Posts
in HR & Employment Law Vote Up0Vote Down
Are there any laws against use of passwords by former employees who are terminated or leave the company? I know the #1 rule is to cancel all passwords, but if for some reason and employee had another password unkown to us, do we have any criminal recourse? Especially if there is no harm done?
Share on Facebook Share on Twitter

Comments

  • 7 Comments sorted by Votes Date Added
  • Don DDon D 9,834 Posts
    PMVote Up0Vote Down
    A person can use any password he dreams up unless some systemic control blocks it as being a duplicate, too long or too short. However, I guess what you're really concerned about is him accessing your company's system.(??). If that's the problem, you have a legal issue. If he instead is taking his password along with him and it might even contain the company's name, you probably have no recourse. Just my opinion, nothing legal of course.
    Share on Facebook Share on Twitter
  • tbehantbehan 19 Posts
    PMVote Up0Vote Down
    Believe it is the company's responsibility to ensure any potential security breach can not happen.
    Share on Facebook Share on Twitter
  • Don DDon D 9,834 Posts
    PMVote Up0Vote Down
    Indeed, but if an ex-employee is fraudulently entering the company computer it will be a criminal matter if pursued properly.
    Share on Facebook Share on Twitter
  • mm in LAmm in LA 12 Posts
    PMVote Up0Vote Down
    Thanks for everyone's input. So I think we all agree so far that it is truly the responsability of the company to ensure all passwords are cancelled so as not to allow a breach (which is fine with me) We have not had an issue but there was debate as to who was responsible. Our concern is that IT delays in cancelling passwords and we really are the ones (the Co.) responsible for securing our own info. I have not heard of any truly legal recourse against employees, for using passwords they know as part of the position, to gain access to company info (of course this is if there is no damage or harm done such as money stolen, etc)

    Anyone out there with any specific legal knowledge of this?
    Share on Facebook Share on Twitter
  • Don DDon D 9,834 Posts
    PMVote Up0Vote Down
    Our
    >concern is that IT delays in cancelling passwords and we really are
    >the ones (the Co.)
    Aside from legal concerns, the IT employee who has this practice should either be counseled or fired. IT has an immediate responsibility to come into play and should generally know who is going to terminate and when to pull their plug, preferrably at the moment of termination, sometime before, but NEVER long after. There should be a sense of urgency. This is not one some IT staffer should be able to prioritize! I realize they are messing with speakers and stuff and looking at the catalog of new monitors, but this should take precedence.
    Share on Facebook Share on Twitter
  • Theresa Gegen TXTheresa Gegen TX 814 Posts
    PMVote Up0Vote Down
    There would be legal recourse in a civil sense. You could sue the employee to enjoin further use. But that would be very expensive and probably only worth your while if you thought the employee was taking or accessing confidential information or trade secrets. If that is why the employee is accessing the system, then I suggest you consider suing. Most are probably just accessing the system to check emails.

    Also, you might want to warn the employee during out processing that he or she cannot access the system and to do so could subject them to criminal or civil liability.

    But, easier and cheaper for the company would be to insist that IT change the passwords right away. They are delaying because the company allows them to.

    Good Luck!


    Share on Facebook Share on Twitter
  • HRCathyHRCathy 97 Posts
    PMVote Up0Vote Down
    And I thought my IT people were the only ones too busy reading everyone else's e-mails to actually get passwords cancelled!
    Share on Facebook Share on Twitter
Sign In or Register to comment.