Employee ghosts haunt your systems

Backspin By Mark Gibbs, Network World
October 23, 2008 02:07 PM ET
People come and go in your organization all the time. A select few stay for years while others pass through in just months or even weeks. But whether they are lifers or transients, they all leave a digital ghost behind when they exit — a trail of their interactions with your network and systems.

You'll find their spoor everywhere — e-mail on your mail servers, data on your file servers, and information on desktops, laptops and even smartphones. They will change settings on applications, contribute to wikis and blogs, file reports and create and edit spreadsheets, word-processing documents and presentations. That's where the ghosts come from.

So what do you do with their leavings? You attempt to exorcise the spirits. You probably delete their server and e-mail accounts, remove them from LDAP servers, delete their access to FTP servers, remove their access privileges and deal with the clots of data they left behind. If you're really thorough you might even go so far as to purge them from your backups.

But when you do any of these things there's a chain of potential problems, because none of their ghostly trails exist in splendid isolation. Remove their files without understanding how their work related to the bigger business picture and, for example, the design and supportability of an entire product line could be compromised. Dump their e-mail messages and your ability to be in legal compliance could be lost. There are hundreds of potential consequences to removing their data, and it adds up to what we in the pundit business call "a crap shoot."

"Ah," you might expostulate (that's OK, we're all consenting adults around here), "I'll just remove access privileges for accounts and leave their data and e-mail where it is and keep an eye on whether it gets used." Nice try, Sparky, but that's not going to work.

The reason for its guaranteed failure is simple: You almost certainly don't know what their data really means. You can't possibly know what the use cases are for every file on your system and whether the fact that it gets used is relevant to your business or a side effect of some other process.

And then there's the biggie: The assumption of employee loyalty. What if the original owner was disloyal and left a steaming great pile of bits lying around that will eventually emerge to ruin your day? How can you know?

So here's what you can do: Rethink your data handling architecture from the viewpoint of what users are allowed to do. As monumental as that sounds there really is no other choice.

The problem is that without a centralized ID management strategy that defines roles and privileges from an a priori stance — that is, where you define explicit permission templates for every user and every access pattern he makes so you know exactly what you're allowing and what you're disallowing — you cannot possibly know enough about what is intended to be normal use and what signifies problems that are going to make your life a living hell.
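To make the "a priori" idea concrete, here is an added example that is not part of the column: a toy directory in which roles (hypothetical ones, "engineering" and "finance") define up front who may do what to which class of data, offboarding disables the account and hands its data to a custodian role rather than deleting it, and each access in a constructed log is judged against the template instead of being guessed at.

```python
from dataclasses import dataclass, field

# Hypothetical role templates: role -> data class -> allowed actions.
ROLE_TEMPLATES = {
    "engineering": {"design-docs": {"read", "write"}, "wiki": {"read", "write"}},
    "finance": {"ledgers": {"read", "write"}, "design-docs": {"read"}},
}

@dataclass
class Directory:
    users: dict = field(default_factory=dict)   # name -> {"roles": set, "active": bool}
    owners: dict = field(default_factory=dict)  # data class -> "user:x" or "role:y"

    def offboard(self, name, custodian_role):
        """Disable the principal, strip roles, hand its data to a custodian role."""
        user = self.users[name]
        user["active"] = False
        user["roles"].clear()
        for dclass, owner in list(self.owners.items()):
            if owner == f"user:{name}":
                self.owners[dclass] = f"role:{custodian_role}"

    def classify(self, name, dclass, action):
        """Judge one access against the template instead of guessing its purpose."""
        user = self.users.get(name)
        if user is None or not user["active"]:
            return "anomaly: inactive or unknown principal"
        owner = self.owners.get(dclass, "")
        if owner.startswith("user:") and not self.users[owner[5:]]["active"]:
            return "anomaly: orphaned data (owner gone, nothing reassigned)"
        for role in sorted(user["roles"]):
            if action in ROLE_TEMPLATES.get(role, {}).get(dclass, set()):
                return f"expected via role {role}"
        return "anomaly: no role grants this access"

def audit(directory, log_lines):
    # log_lines are constructed "<user> <data-class> <action>" records
    return [(line, directory.classify(*line.split())) for line in log_lines]

def demo():
    d = Directory({"alice": {"roles": {"engineering"}, "active": True},
                   "bob": {"roles": {"finance"}, "active": True}},
                  {"design-docs": "user:alice", "ledgers": "user:bob"})
    log = ["alice design-docs write", "bob design-docs read"]  # constructed sample
    d.users["alice"]["active"] = False     # alice has left; nothing else done yet
    orphaned = audit(d, log)
    d.offboard("alice", "engineering")     # proper offboarding under the template
    return orphaned, audit(d, log + ["bob wiki write"])
```

The first audit shows the "just disable the account and watch" approach: bob's read of alice's documents is flagged only as "orphaned", with no way to tell whether it is legitimate; after the template-driven offboarding the same read is recognised as expected via bob's role, while his out-of-role write is the one that stands out.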

This is a combination of identity management and strategic, top-down planning that displaces the old "strong passwords are good enough" approach, because they aren't. As we work our way through the current financial hell there's one result that's guaranteed: Future compliance regulations will make the Sarbanes-Oxley Act look like a high school homework exercise.
