Posted on 2012-08-27
Hello everyone. I have a problem I think...
We have a new employee who has started with us and is very set in their ways.
They are the new manager of the developer department for us. I will from now on refer to this person as (DEV BOSS) and these developers that work under this person as (DEVELOPERS). They all work with various versions of Visual studio, sql and sourcesafe among other things.
A Developer decided they needed to leave the company and take another job elsewhere. Per IT Policy We disable AD credentials Backup their My Documents Folder and leave their account disabled. When this DEVELOPER left and went to turn in their laptop the DEV BOSS asked for their username and password for windows. This is obviously a big no no. I am militant in my enforcement of our password policies, there is no reason in a proper IT environment for user credentials to be shared as far as I am concerned. Any company that takes security seriously affirms this.
The employee correctly said No I can't give you my password see IT. Which this individual did. The DEV BOSS tried to make the case that they needed the former DEVELOPERS user password because the programmer had "set up a development environment" on the laptop and did not want to have to recreate it from scratch and lose all this persons work, the only way to avoid this is to continue using a username and password for an employee who has left the company. This I won't budge on.
I have to know, in companies much bigger than mine, when you have a developer work on their own laptop and set up an environment for testing (whatever that means) And that user leaves and the hardware gets reassigned Don't you format the laptop and start from scratch? I need to make room for the new users profile and am cool with just deleting the user specific profile not messing with any program files.
I've given the new user the same rights on the machine and our network the old user had.
This should in theory leave whatever this user is talking about alone. I realize this is a poor description of the problem I am having but that's because i don't use VS or anything these programmers use and am having difficulty grasping what the DEV BOSS is complaining about. I fully disbelieve (especially after consulting with other IT companies as well on this) That #1 There is never ever a reason for someone to know someone elses password even after they leave. #2 Microsoft developer software really isnt as dumb as this DEV BOSS is letting on.
I hate delaing with stuff like this especially when someone who comes from a company that had way more relaxed policies than we do INSISTS that they must get their way and circumvent our policies.
How do you all setup developer laptops?
Is this DEV BOSS full of it? Or have I made some real deadly assumptions here?