Your team member keeps bypassing secure remote access protocols. How will you address this risky behavior?
How would you handle a team member ignoring secure access protocols? Share your approach.
-
Paulo Guedes
IT Manager at Agro-Comercial Afubra | Higher Education Degree in Information Technology Management
As a manager, my priority is to ensure information security and promote awareness across the team. When dealing with a team member who ignores secure remote access protocols, my first step would be to talk with them to understand the reason and reinforce the importance of these procedures, highlighting the risks involved. I would also assess the need for additional training or support to clear up any doubts. If the behavior persists, I would apply corrective measures aligned with company policy, always with a focus on guidance and improvement. Security is a collective commitment, and my role is to engage the team and ensure that everyone acts in line with that goal.
-
I would address this behavior by discussing the importance of following secure access protocols with the team member, clarifying the potential risks and consequences of bypassing them, and providing additional training or support if needed to ensure compliance and security.
-
The security measures we have in place do not allow for bypassing protocols. We have a layered approach to security. Each step in order to reach resources is tightly controlled, which allows for the smallest possible attack surface for any would-be hackers or threats to exploit. I found that the multi-layered approach to security works best in our environment and minimizes the risk. We provide in-depth training for all of our employees when it comes to every possible method of infiltration from the outside. The training is updated regularly and made available to all employees as mandatory training.
-
No one should have the ability to "bypass" secure remote access protocols. If they can, you're doing something wrong... sorry, not sorry. If your network lacks the technical controls, fix them or upgrade to a solution that allows you to secure this ASAP. At the end of the day this is simply "risk", and it is up to you to educate management, and management to make a risk management decision to deal with it. Provide your tech team with the funding and tools needed to secure your network. If you don't, you are accepting the risk through inaction.
-
This scenario is more common than we'd like to admit, and it demands a balance of accountability and education. Start by having a direct conversation to understand why they're bypassing the protocols: is it a lack of awareness, convenience, or frustration with the system? Next, emphasize the why behind the security measures, linking them to real-world risks. Pair this with hands-on training or improved processes to make compliance easier. Finally, reinforce accountability through monitoring and clear consequences. Collaboration, not confrontation, drives lasting change. How have you tackled this challenge in your organization?
-
In my opinion, security policies are there to be adhered to; this is reprehensible behavior. It would warrant a written warning. This will ensure the matter is taken up with utmost severity. The only upside from this would be an update on the security system and policies.
-
I would start by having a private conversation with the team member to understand why they’re bypassing secure remote access protocols and explain the associated risks. Next, I’d provide training to reinforce the importance of following these protocols and explore ways to make the process more efficient if it feels cumbersome. Finally, I’d set clear expectations, monitor compliance, and ensure accountability while fostering a culture of security awareness.
-
Understanding the reasons behind the process is key here. Compliance with security frameworks ensures businesses can operate with customers that require alignment with them. Having a successful, profitable business, which these contracts often provide, is beneficial for all involved.
-
Evaluating personnel risks is a critical component of any company's risk assessment strategy. It is essential to implement measures that prevent any single administrator from possessing exclusive access or unrestricted authority—often referred to as "God" powers—over the network. In situations where complete segregation of access is not feasible, it is vital to establish comprehensive documentation that outlines the standards and responsibilities for privileged users. This ensures accountability and helps mitigate potential security vulnerabilities.
-
To address this risky behavior, I would emphasize the importance of following established procedures and action lists for all tasks. I would start by having a one-on-one conversation with the team member to understand why secure remote access protocols were bypassed. Then, I would reinforce the need to adhere to these protocols as part of our standard operating procedures, highlighting the potential security risks of not doing so. If necessary, I would provide additional training to ensure full understanding and compliance. Moving forward, I would implement a structured action list system to monitor and enforce adherence to security procedures, ensuring all tasks are carried out in accordance with documented protocols.