3

One of our senior colleagues in my last project at TCS had brought a pen drive with him, not sure why! He worked on a client system, which he believed was not monitored by TCS. So what he did was, he plugged in the pen drive in his computer and tried to copy some files from his pen drive to the computer. However, he wasn’t able to copy the files.

We weren’t aware of this until our project manager, who sits at the farthest end of the ODC shouted at the top of his voice, calling out his name. In front of the entire ODC, he was scolded since the HR team had called the manager informing that the machine assigned under this employee’s name has detected a security breach.

He had to explain the reason; where he said he wanted to copy some codes that he had to office machine in order to reduce his manual effort, which was probably very silly of him! For the next few days I hardly saw him inside the ODC, probably had to visit people to show cause or other things and was harrassed by our manager, insulted every time he passed by him.

He was not suspended although, maybe the manager or someone else saved him, although normally such violations would have seen him terminated.

Comments
  • 0
    "...normally such violations would have seen him terminated...."

    Are you not exaggerating? I injected my personal drives many times to company's laptop. I know it's not allowed.

    I would just explain if I get caught. I would expect maybe to get a warning, but not termination.
  • 3
    @cho-uc In a large consultant company with lost of applications I guess the bar for security violations can be quite low.

    I have heard of companies that glue usb ports to prevent similar things.

    Maybe not as common today when all peripherals use usb.
  • 3
    @cho-uc It's not an exaggeration, but it's probably not common too.

    The penalty will depend on the sensitivity of the project, data, systems that laptop/user has and a few other things.

    However if such action is forbidden on employee's environment usually there's a proper protocol how to bring code/documents in from the outside without introducing any risky activities.
Add Comment