• aeronmelon@lemmy.world
    link
    fedilink
    English
    arrow-up
    92
    arrow-down
    1
    ·
    edit-2
    7 months ago

    That might be slightly illegal.

    That person might be slightly doomed.

    Companies need to remember to change the login password BEFORE firing people with login passwords.

    • Zorsith@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      17
      arrow-down
      2
      ·
      7 months ago

      One man IT shop maybe? Usually stuff like that goes through IT, because who in their right mind would give HR modify access to active directory?

      • thejml@lemm.ee
        link
        fedilink
        English
        arrow-up
        14
        arrow-down
        3
        ·
        7 months ago

        Generally a firing is decided the previous day or at least an hour before it happens. Discussions are made prior to the actual meeting where the firing occurs. IT is on standby. They either deactivate the AD account and related auth methods when the employee walks in the office to have the discussion. This is a well oiled machine, so that all parties know their parts. The meeting/discussion is solely a formality and by two minutes into it, theres no longer any access granted. Security shows up at the meeting to escort the employee out and collect their badge or keys. Maybe they let the employee walk by their desk to collect their stuff, maybe the employer ships it to them later, depends on the circumstances and office layout.

    • Pacmanlives@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      7 months ago

      I mean kind of depends. I got a soft layoff so worked 6 months more and got 3 months pay for the transfer to India.

      I think best practices for highly secure environments is at the time of notice you lock the account and give that person 2 weeks off.

      Most normal company’s it’s cool work till your last day, do your exit interview and we lock your account on Friday afternoon or Monday

      Also you never want to change someone’s password on termination. What if their login is running some business critical tasks? Not best practices but I can tell you it happens a lot especially for reporting. If you lock the account you can always just reenable it and work to fix the issue

    • Potatos_are_not_friends@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      7 months ago

      Last year, I tried my admin creds at my old job and it still worked. I was afraid of retaliation so I sent them a message from a throwaway email about changing their passwords.