You are an IT manager in an organization. During a routine check of the log file

Question

You are an IT manager in an organization. During a routine check of the log files on network usage, you find that one of the users Donald is using the network to access files from the server every day for 2 to 3 hours after regular working hours. You meet Donald in the cafeteria the next day and tell him not to work after regular hours. Donald is surprised and says that he very rarely works long hours. It's clear to you that someone has hacked on to the network and used Donald's credentials to access the servers. You find the culprit on further investigation. How will you react to the situation based on your responsibilities as an IT manager? In this situation which policy should the organization follow?

Explanation / Answer

Dear User, In a situation where an IT manager finds the culprit who steals the credentials and thus the information, he has to follow the information security policy. According to such policy information which is confidential should not be accessed in an unauthorized manner. Stealing credentials is restricted. An IT manager should immediately talk to the culprit regarding his unlawful acts. As he has not followed the rules and policies he has to be punished. At first, depending on the loss of information or the confidentiality of the information he accessed he is to be punished. If the problem is less, he can be warned and a notification is to be issued. If the problem is not a negligible one, the culprit is to be rusticated and if needed any legal actions are to be taken.

Related Questions

Navigate

• Browse (All)
• Browse Y
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.