Computer Jobs -- How to Resign Professionally?

MikeDawg asks: "I submitted a letter of resignation yesterday, and today I'm at home posting stories to my weblog and Slashdot. I gave my employer two weeks notice, and almost immediately, I had my accounts disabled, and my permissions revoked on all the computers at my work, which makes me unable to do anything in my position of being a 'Systems Analyst/Systems Administrator'. I spoke with the HR rep, and gave her my notice yesterday, then I spoke with her today about what had happened to my access, and they honored my resignation... 2 weeks early. (Luckily, I'm compensated in pay for the next two weeks). What I want to know is, how do you computer and IT professionals out there put in your notice of resignation (if you are with a permanent employer, and not contractual), and not get immediately shutdown, and shunned away from the computers? The CIO immediately thought I was going to do something terrible to the system, and destroy accounts, and any other activity that I have access to, but I was giving him notice that I was leaving. What is the professional thing to do?"

Lucky Bastard

[DeadBugs]

When I resigned in a professional manner, they made me stay the whole 2 weeks. Sometimes they escort people out of the building that day for security reasons and still pay them for the remaining 2 weeks. However, I had to stay and fill out paperwork and go to BS meetings and suffer. What they did to you is pretty standard and has nothing to do with you or how you resigned.

Re:What's the question again?

[RodgerDodger]

Well, as you say, the OP got paid anyway, but...

In every job I've had that I've left (five in the last 12 years), I've never had my access cut off until I actually leave. I've always worked until the last day, and I would be surprised if an employer didn't want me to. Mind you, I've never been fired, and in all but one case, I was actually on fairly good terms with my employer. I've never even heard of employers terminating access for people who are leaving of their own accord.

As a matter of fact, in most of the occasions I've left a job, I needed to keep access to the last minute to assist with a smooth handover of my work.

In a situation where an employee has notified their employer that they wish to resign, there is no security risk in letting them keep their access (and do their job) until they leave. If they were disgruntled and were going to do anything nasty, they would already have done it prior to tendering notice.

(It's a very different situation if the employee is let go, of course)

Re:You did the right thing... it's their problem.

[IntlHarvester]

I had an old boss that taught me this trick about 10 years ago -- When a sysadmin quits, give him a two week paid vacation and immediately change all the passwords. Most of them had something lined up anyways, and if they weren't backdooring things, they were just going to sit around shorttiming it.

Funny thing was nearly every system admin that resigned attempted to access the systems during their enforced vacation. Probably nothing malicious, but since you don't know that, it's a wise policy.

Corporations as Psychopaths

[Alien54]

explain to me how he is any more of a liability then before he gave notice.

that's right... he isnt.

managers are just jackasses and dont have a grip on reality.

The reason being that the vast majority of corporations would be classified as criminal psychopaths if they were human beings. There is even a big documentary/movie on this point.

Re:What did you expect?

[Large+Green+Mallard]

Security is about managing risks. There's no way to make something perfectly secure, only to manage the risks it presents to your organisation.

Immediately ceasing access for staff who are leaving, as an example. Most people aren't going to do anything. If they've given you 2 weeks notice and you let them go straight away, you're spending the equivalent of 2 weeks wages to treat the risk they will. Depending on the company, many places are happy to accept that risk treatment cost.The risk is not just that they will trash their computer or your systems. They may also steal or misuse confidential data, like customer lists.

I know of one person in consulting, who planned to setup his own company, doing what he did for his current company, and had planned to send a goodbye email to all his corporate contacts saying he was now in practise for himself - at 75% the price. He however was similarly unaware, like the original poster, of his company's seperation practises, and was escorted from the building immediately after handing in his letter of resignation. Fortunately his old company never found out about this, so he got a good reference for when he went for a similar job at another company, unable to start his own firm.

I once saw a post on slashdot about how sad it was that the NSA would destroy entire machines that had never been out of their box, just because they had been designated as spares for their datacentre. Consider it another way.. the machines were 2 years old, purchased tax free in bulk, and depreciated down to a minimal value. The risk posed that they may have ever been used and had operational data meant that it made a lot of sense to destroy perfectly good hardware.

Anyway, the point is, risks aren't always as obvious as they seem, and risk treatment is an interesting beast. Sometimes you do things which look like waste in order to prevent threats.

(IANAL, but I am a risk management/it security consultant :P I'd recommend the same thing in the same situation)

Re:What did you expect?

[tverbeek]

Some organisations will lock you out as a matter of policy as soon as you "betray" your intentions, but I've had much better treatment the last couple of times I left a job. Presumably because they knew I was trustworthy.

One employer left my key accounts in place (disabled) and hired me to do some consulting ("temp work", really) using those (re-enabled) accounts afterward.

The last place I quit amazed me at just how trusting they were: On my last day on the job (after giving notice), my boss, his managerial peers, and their boss were all unavailable, so I had to find a "responsible individual" in the department (a non-manager with more seniority than me) to give my keys to that afternoon. At the end of the day, I was actually left alone in the data center with both login and physical access to critical systems (to say nothing of the office kitchen and storage room). They trusted me to shut down my computer, turn off the interior lights, and lock the door behind me on the way out. (Which - considering that I was quitting in part because I hated how the place was run - was rather naive.)

Re:What did you expect?

[flosofl]

I too am in risk management. I heartily agree with what you have said. It all boils down to each companies tolerance of risk. Some companies are willing to pay the 2 weeks of serverence even though the employee no longer performs the job.

I work for a multi-national bank, and they do this all the time. They may spend millions over the course of a couple of years doing this, but this is what they are willing to pay to mitigate the possibility of even higher loss. There are some systems (I'm thinking of Fed Reserve and clearing house operations) that could cost that much over the course of a couple *hours* if they were disrupted (fines and/or actual loss). Even though internal controls make it unlikely to happen, the risk is still there and paying for 2 weeks of non-productivity is a small price to pay to reduce it.

This does not even take into account the *legal* problems a company would face if they allowed an out-going employee access and he/she disrupted operations to the point of major financial loss. It's called Due Care. And it can result in criminal charges being brought against the senior management. "So you knew the possibility existed, but still let this person have access?"

Don't be insulted. This is just SOP these days for any company with responsibilities to shareholders.

Re:What did you expect?

[Anonymous+Luddite]

Actually funny/not-funny

I worked at a company where one of the managers decided to move on. She was near the top, worked hard and was quite professional. Her mistake was in giving three months notice so they could work out a graceful exit.

She was fired on the spot, asked to leave the property and given the minimum statutory severance.

In my jurisdiction, once you've given notice you may be let go immediately provided the company pays severance. I knew I was leaving my job with that company for 6 months and didn't give notice till 2 weeks before. I would have loved to give them more time to plan for my replacement, but figured they'd just shaft me.

They went bankrupt a few years later. Sometimes you get what you deserve. :-]

I actually said that to my last employer.

[El+Camino+SS]

    I told them that I was walking off of the job, RIGHT NOW, and that was all there was to it.

    One of the bosses got upset with me and said that it was discourteous to do something like that. You should give two weeks notice that it would get back to you later and you might not be able to get a job for a stunt like that.

    I then told them that my employment was a contract where you paid me for services, and if you fired me, you would walk me out of the building immediately.

    "So, I'm firing you. You're all incompetent, and the system is failing due to that. Consider my vacant position as a sign of things to come."

    When I walked it stirred people. That next week they lost three. Two more quit the next week. I was an underground leader of the staff, and when I went, the whole place saw my lead and thought it wasn't worth it.

    All in all, it was the most worthy thing I've done in years.

Re:What did you expect?

[1u3hr]

If you're insane you have backups of your email. If you take anything of the sort and there is a good chance you are in violation of multiple sections of company policy

Company policy isn't law. Would you refer to have selected correspondence presented as evidence against you in some dispute? Make email backups; actually paper prints are better, lawyers trust paper more than digital files. Don't announce it, just have them in reserve in case they try to bushwhack you. I presented some email in a wages dispute, the send timestamps showed I'd been at work (or at least doing work) when they claimed I had skipped out. (Yeah, sure they could have been faked easily, though they weren't.)