Have you ever thought about what would happen to yourmission-critical systems if you had to fire an IT staffer-orworse-a senior IT employee? Of what if that person finds a betteroffer and jumps ship? Taking into consideration that how you firean IT person is as important-if not more so-than why you are doingthe deed, making changes in technical personnel can be a real painin the neck. But planning for potential technology and manpowerproblems can ease you through the tough times.

According to Tony Abena, COO of high tech career resource centertechies.com (www.techies.com,obviously), problems can often be avoided altogether by maintaininga solid understanding of where your employees stand. “Staying ontop of issues in the workplace can give you a real advantage,” hesaid.

But sometimes keeping up with the times isn't enough. The ITmarket is still a dog-eat-dog arena-as such, your competition wouldbe happy to relieve you of your IT director or senior databaseadmininstrator. They'll offer higher salaries and more desirablebenefits, and before you know it, your SQL pro has left you SOL.It's nothing personal; just business.

The most accessible contingency plans for this arecross-training and subordinate skill development. The formerinvolves making Team X ready to step in and handle part of Team Y'sworkload when it loses a member; the latter refers to developingadditional skill sets in the IT director's assistant-and thatperson's assistant, if necessary. And you should assume it willbecome so. “Never be without a subordinate who can take over,”Abena said.

But sometime there's no choice. You might just have to call inthe contractors and consultants. It could be pricey, but it beatsnot having access to the company intranet, for example.

In any case, according to Abena, it all boils down to humancapital management.

Sacked, Canned, Downsized, 86ed, Axed, Shown the Door,Pink-Slipped…

In the IT world, two main reasons for letting techies go arepoor performance and replacement by software or redundantprocesses.

When the dreaded time comes, Abena suggests using the humanresources department as a strategic pink-slip partner. He explainedthat HR can help out with advice and logistics, such as separationpaperwork, vacation settlements, and release forms to be usedimmediately upon firing. While you're at it, Abena said, try toschedule the firing for the end of the day, and provide options foroutplacement, if possible. “By offering outplacement options, youminimize the negative aspects of the situation,” he noted.

But if poor performance is the issue, you need to take steps tomake the firing go more smoothly. In this case, Abena suggestsbeing clear, and making sure solid reasons are given for thefiring…backed up by 30 to 60 days worth of documentation. “Thiswill give the idea that you've given lots of thought to firing theperson,” Abena said, “which is important because in theprofessional community-especially IT-everyone communicates, so youhave to worry about your reputation.”

After providing the necessary paperwork, Abena recommends eitherescorting the former employee out of the building (securityoptional) and have associates pack the person's belongings, or havepeople supervise the recently terminated's pack up. All the while,Abena stresses acting fairly and being honest. “Firing is about theemployee,” he said.

Take him seriously. Unless you live in a state with at-willlaws, you may run the risk of lawsuit for wrongful termination. Toavoid potential legal headaches, the best course of action whenfiring senior IT people, according to Abena, is to have all relateddirectors and senior managers present throughout the process.

Now, when it comes to squeezing out very senior people-CIOs andthe like-personal discussions about the situation over a shortperiod of time are in order, Abena said. He suggests giving theperson a chance to resign if the situation isn't of a grave nature.“But if it's clear-cut-very poor performance or a law is broken-youcan fire them directly.”

The least popular and sometimes most potentially dangerousscenario is the mass layoff. If you're letting go, say, 20employees at once, Abena strongly encourages a noticeable securitypresence offset by cooperative professionals still on the job.“Encourage other employees to be part of the process-they can helpclean up, pack, carry boxes, an so on,” he said. “This can helpdiffuse a possibly tense situation.”

Get IT Together

Systems analyst Tom Noble has seen his fair share of ITprofessionals come and go. But he'll never forget the one who stolecompany secrets on his way out. Noble said the former worker was atrusted member of the staff and was responsible forsecurity-sensitive functions including performing backups. Theterminated employee made off with lots of proprietary information,including financial statements, and left the files behind on diskfor a co-worker.

While Noble said there was no real way to prove the formeremployee performed the act, the disk in question stored thedocuments in a password-protected Zip file. According to Noble, theco-worker knew the password. In response, the company enacted apolicy to attach passwords to such documents.

“There's no real way to prevent this from happening when anemployee has access to the backups,” Noble explained. “Secure yourown files and documents so trusted people with high level accesscan't dig into anything they shouldn't.”

Noble said that while common sense dictates to change passwordsand shuffle admin accounts, sometimes the mostpost-firing-security-conscious companies overlook restrictingphysical access; instead many IT departments concentrate on lockingthe person out of the network and mail systems before they returnto their desks to pack.

“Physical access to facilities is more dangerous than networkaccess,” Noble said. “No matter what, if you have physical accessto machines, you can get into the system-it's just a matter oftime.”

To make sure you find a suitable replacement-instead of anothersquare peg for the round hole-Noble recommends looking intoconsultants or contractors to fill the gap, thus allowing you timeto recruit a good fit.
But it's hard to bring in a contractor to fill in for very seniorIT people. If the CIO has got to go, Noble suggests planning thefiring by breaking up the CIO's responsibilities and delegatingthem through the ranks. Then, discuss the CIO's access points andpasswords and how to secure them. Finally, determine where and howthe CIO has stored sensitive documents relevant to his job, andsecure those, too.

No matter how you go about it-and even if the situation involvesan IT person quitting and giving two weeks notice-Noble said youmust act quickly. “If you know they're leaving, you have to closethem out of all systems immediately, because you can never knowwhat they'll do in the time they have left.”

Pink Slip Protection

Ten steps to tamper-proof your systems when you give the badnews:

o Disable all related user profiles and accounts
o Detach all network connections (i.e., at the cubicle)
o Image the user's hard drive for backup
o Change all administrator passwords
o Shuffle and change security accounts
o Reconfigure remote access
o Give close associates new passwords
o Search for recently modified documents
o Wipe the user's hard drive
o For the sake of convenience, have all user e-mail forwarded

These steps should be implemented when you've decided to firethe employee. By proactively closing means of access, you furtherensure system stability as the system expert leaves thebuilding.

Getting Even

Under the condition of anonymity, a security-savvy ITprofessional-we'll call him John Dough-explained ways a disgruntledtech worker might put the screws to his employer.

For example, word gets out that John Q. Public, a senior ITstaffer at the Any Company, is going to be fired. He hears about itand begins plotting.

By using a separate computer on an analog phone line, he is ableto circumvent primary security functions and avoid monitoring as headds users to the system's privileged groups (e.g., administrativeor power user groups). From there, he quietly installs timedmechanisms to launch destructive applications weeks or months afterhe's gone. Or, he could deploy applications that capturekeystrokes, install self-launching viruses, or embed date-sensitiveprograms that delete everything at once.

“In this situation, the person will look for system accessthrough remote offices, dialup points, and remote Web sites,” Doughsaid. “Potential problems can be avoided by having off-sitebackup-that way you'll always have the data.”

Dough explained that most companies are insured against attacksof this nature, and most should perform upwards of two weeks ofpost-firing security audits. Why? According to John Dough, theworst hacks can leave two to three days of complete systemdowntime, especially if the malicious acts are performed justbefore daily or monthly backups. He said full-force attacks cancost companies hundreds of thousands of dollars in repairs.

The most common hacks, according to Dough, are deletingessential files, setting up servers to fail upon reboot, andinfecting systems with fast-acting viruses. Many of these so-called“small-time jobs” can be prevented by ensuring your systems do notrely on individual user accounts. That means never having criticalfunctions tied to specific users.

A more thuggish-and simpler-approach to system destruction isthe use of magnets. Large magnets, similar to those found inloudspeakers, can simply be placed on servers, leaving themconfused, weakened, or ruined altogether.

Meanwhile, a more exotic route to total e-chaos is theEMP-electromagnetic pulse generator. In this case, the guy you justfired goes home, places a few orders from a scientific catalog, andbuilds a conduit for emitting high-energy blasts of electromagneticenergy. He loads the unit into the trunk of his car, drives to thecorporate HQ, takes aim, and delivers permanent drought to yourserver farm. (Technology Decisions strongly discourages thispractice.)

The solution to all of this: Hone your human capital managementskills.