Related Posts
Conversation Starter
Conversation Starter
More Posts
Enthusiast
Thought I was on LinkedIn when I saw this one
Enthusiast
Conversation Starter
New to Fishbowl?
Download the Fishbowl app to
unlock all discussions on Fishbowl.
unlock all discussions on Fishbowl.
This isn’t a question of power and possession this is IT security 101. The computer should not be accessible without the employee present because of accountability. If IT is unable to fulfill their tasks remotely and seamlessly which most can at this point they need to wait and execute their application in the presence the employee unless they physically need to take the laptop.
If this is a system wide update IT should provide notification to everyone.
That's true. Guess I've worked enough places with mandatory annual online cyber security e-learning courses that it's been drilled into me
If you haven’t listened to any darknet diaries podcast episodes about pen testing (penetration testing), you should. Your employee did the right thing by denying access. IT can come back when she is there and can verify the IT person’s credentials.
I would think that it wouldn’t be on you to handle anything, but on the person who made the original request, which is what they should have been doing from the start. Why was the instruction not relayed directly but through another person? I would have also found this odd and felt uncomfortable if in her place. It’s not really a matter of company property. As a matter of fact, if anything, at many places, it would be your request that was in violation, and her response in accordance with commonplace company policy surrounding data protection.
Also, if the IT department isn’t able to access certain information without being physically granted access to it by another person, there’s a reason for it.
Exactly.
Maybe she doesn’t trust you
If you work at a company that has a security policy you all have to sign, chances are it includes a section about locking devices when you are not present. If this is the case, be careful, as both you and the member of IT could get in hot water for asking her to go against policy.
I would NEVER leave my computer open period, and you should not be asking employees to do so. It’s a major security risk and at the end of the day the employees responsibility
Does your company use a messaging system like Teams? Wondering if her anxiety about it being on while she was gone is getting caught saying things she shouldn’t with IT being in the system?
Hm. No idea why she is that concerned about it being on while she’s away if that’s what IT asked. But you’re right- it’s company property for IT to do what they need
“I’m telling you to leave the computer on.” If it was turned off, I’d turn it back on, and note it in the employee’s file a verbal warning for insubordination which I would discuss with them on their next day in.
It’s so stupid, it doesn’t have to be logged in, just left on for IT to be able to do their thing.
Cackling at insubordination. My god.
It would a violation of our companies policy to leave it on and unattended. Also you don’t say their role do they have access to sensitive information?
I cannot tell you how many times I have had IT directly harrass me during working hours to get something done on my computer that they can’t do in an after-hours update. IT should go straight to them and it should have nothing to do with you.
You’re unfortunately in the wrong. Probably the right intention, but go back and take the security training. This ask is in direct violation of most policies.
I also feel it was inappropriate of her to tell (me) her director, no, after I stated that I would watch her area.
It is not inappropriate for anyone to say no, regardless of title. Sorry.
We are not allowed to leave our computers on when we are not using them. If I was to leave my screen unlocked when in the office and go to another office for a meeting I could be disciplined for doing so as it is a security risk for the company. I think your colleague was correct. Despite being company property it is her account and people could use that access in an inappropriate way.
💯 If you work in healthcare, you know security is nothing that they play around with!
IT Manager, here. There's a big distinction between On and Logged On which I think is a really big piece of the puzzle. If the IT wants the PC just online then the staffer is being weird. If IT wants staffer to leave the PC logged in while she's not present then good on her for standing her ground.
While it's true that the computer (and all data contained therein) is the property of the company, you really need to pick and choose your battle. Staffer is certainly going to talk about it to coworkers and morale is going to plummet if they don't at least have a veneer of privacy.
This was from my original request. He changed the other's, but her computer did not take it and needed a few extra steps. So he called her to work on it, and she was leaving. And asked her to keep her computer on.
I disagree. The policy states that the computer is the property of the company, no privacy, no personal, etc. To provide her a feeling of ease, I stated that I would ensure that nothing happens in her area.
I'm wondering why the IT Administrator can't fix it themselves but that's besides the point. The request to leave on is valid, assuming they did not say on and logged in. IT support would log in with their own profile to do the needed install on the system. Depending on the permissions level of that support person, they can only see, do, so much on the device. Turning it off is probably why they are not getting the pushed updates in the first place, best practice for us is push during none peek hours, night time. So they are creating the problem and not supporting the resolution efforts. I'd have to nicely say "I am telling you to leave it on, not asking."
PSA. don't save personal or proprietary info on your work PC. If you have proprietary work docs, make sure they are in a secure folder with restricted permissions (check folder properties). Your desktop, downloads folder, ect; is NOT secure.
Its fine
My company IT department does updates after hours. We get an email when necessary to leave our computers on overnight so they can do the updates. She can log out and still leave the computer on.
That being said, how hard is it for IT to turn the computer back on? They should have an administrative log in and password to get in to everyone's computer, so it's really not that big a deal. If your IT department doesn't have administrative log ins, that's a different issue. They know her login anyway.
Just tell her to log out and leave it on.
IT can’t remotely hit the power button- which is why it was asked to be left on
I think she’s got it now, folks 👌🏻… lol
Here's a different take - if the update is critical, did you even bother to ask her if she could stay behind and get it resolved? Is there a reason why IT can't do it the next morning? What update could be so important that you'd land where you did with your decision?
If it were me, I'd tell you to pound sand too. It's a data breach concern, and if I was on my way out, it'd just have to be handled the next day, or I'd hang back to get it sorted before I left.
Was she being asked to leave her computer turned on, or to leave it unlocked? And was the staff person clear on the distinction? I've had to leave mine turned on overnight for certain updates, but I would never agree to leaving it unlocked when I'm not present.