In a related Network World article, it's reported that Barnes "was upset after Akimbo representatives showed up at his door in April 2003 -- one carrying a baseball bat -- and [took] both his work and personal computers." Again, I have to wonder what exit procedures (ones not involving baseball bats) the company had in place at the time -- procedures that should have addressed the changing of all of Barnes' passwords.
No matter how big or small, every company needs to have exit procedures (although I guess a sole proprietorship can be exempted here). The procedures need to address more than IT issues, so they should be jointly produced by the HR department and others that may include IT and building/property security. Company contact directories will need to be updated, RFID access and ID cards revoked, and accounts disabled, deleted or updated with new passwords.
Exit procedures should not be taken lightly; not following them, or not having them at all, can have dire consequences for a company and, as we see with this article, the attacker, too.
John H. Sawyer is a Senior Security Engineer on the IT Security Team at the University of Florida. The views and opinions expressed in this blog are his own and do not represent the views and opinions of the UF IT Security Team or the University of Florida. When John's not fighting flaming, malware-infested machines or performing autopsies on blitzed boxes, he can usually be found hanging with his family, bouncing a baby on one knee and balancing a laptop on the other. Special to Dark Reading.