• Fosheze@lemmy.world
    link
    fedilink
    English
    arrow-up
    30
    arrow-down
    1
    ·
    25 days ago

    Yeah, the proper time to revoke credentials is before they even know they’re getting fired. At all the places I worked, the first sign that someone was getting fired would be that they’re suddenly unable to access anything.

    • calabast@lemm.ee
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      edit-2
      25 days ago

      IT systems need a way to pre-enter an account deactivation, and when HR sends a text to the system it makes it live, or something. I’ve been the IT guy who was told to disable an account, and the user found out before the news was broken so they asked me what was going on. No bueno.

    • AngryishHumanoid@reddthat.com
      link
      fedilink
      English
      arrow-up
      14
      ·
      25 days ago

      It’s likely that HIS credentials were revoked, but anyone in IT will tell you there many systems which are accessed by a shared direct username/password login, and yes while that should be changed when needed a much easier solution would be to lock those apps/sites behind a VPN which is much easier to revoke access to.

      • Fosheze@lemmy.world
        link
        fedilink
        English
        arrow-up
        13
        ·
        25 days ago

        Exactly. Nothing with shared credentials should be directly accessible to someone off site to begin with. Either way things went down they have a security hole you could fly a blimp through. Either they aren’t revoking credentials properly or they have eternally facing systems using shared credentials.