On Call Welcome once more, dear reader, to On Call, The Register's weekly reader-contributed column detailing the delights and dangers of working in tech support.
Their evidence for the allegation was temp files that showed the engineer's account had been used to open certain documents he had no business seeing - never mind reading as thoroughly as the metadata trail indicated.
Alvin was asked to sit in on a disciplinary meeting, in which he would share his opinion that the temp files were damning evidence.
The intended outcome was a severe wrist-slap that left the engineer chastened, but happy to continue his important contribution.
Alvin's advice was that this approach was not sufficient.
The org had lost confidence in a critical employee and would never be able to trust him again.
The biz countered that the engineer had done good work for years, and had built the network from scratch.
Dismissal would mean losing important corporate memory.
Alvin responded that an untrustworthy employee should not be retained, and won the day.
So a plan was hatched: while HR fired the engineer, Alvin would revoke his network access to ensure no revenge could be wreaked.
To make that possible, Alvin was provided with network credentials that let him plan the deed.
As he rummaged around the network, he found a VPN connecting to what looked like a residential address.
At that address he found half a dozen servers laden with company files.
The engineer was duly let go, under an agreement that ensured the backup servers were handed over.
All passwords were then changed and the business carried on - just without its network engineer.
After a time Alvin was asked why the org's network was running so slowly.
The former engineer had throttled the bandwidth on the company's account.
Not to mention confirming that firing the engineer was the right course of action.
This Cyber News was published on go.theregister.com. Publication date: Fri, 12 Jan 2024 09:13:12 +0000