IT Privacy @ work, CEO wants all admin staff user/pas

#1 Posted by caseypayne69 (5390 posts) -

My CEO, which no one trusts, just put out an email that said this to the admin staff (5 members):

"We never know when we might be hit by a bus… meaning, who and how would RHCA pick up where you left off should you suddenly no longer be available? So, we all need to write down our log ins, passwords, account numbers, key contacts, etc., for the various systems and programs and entities that you conduct business with. Put your information in a sealed envelope and send them to me. We’ll secure the envelopes and hope we never have to use them. Please get your envelope to me COB on April 25th. [Joseph… can you get yours done before you leave for training?]

OK… names, passwords, phone numbers etc. change. So, we’ll probably do this exercise periodically."

None of us trust him and feel he is fire happy. Isn't this an IT security violation? Any know where I can site something to block this? Thinking of giving old passwords.

#2 Posted by JohnF111 (14099 posts) -

Their username and their password, their property that the username and password is protecting.

You don't have a leg to stand on.

#3 Posted by caseypayne69 (5390 posts) -

Bullshit. I have an IT policy to block it.

#4 Edited by magicalclick (23034 posts) -

That's security epic fail. Firstly the CIO should own the Master Account. Not the punny admins account that should only be limited to very small range of tasks. The fact that it needs punny admin accounts means the security is crap. Go tell him to fix it, not break it.

#5 Posted by LexLas (4338 posts) -

Never heard of such a thing. All our computers, peripherals, ect. are on clouds. Our passwords are useless here, its about the software control. I think your CEO is behind in times. We aren't allowed to keep files on our computers or devices here.

#6 Edited by GTR12 (9801 posts) -

This is why you always overlap 2 employees or admins with the same jobs or in this case rights.

#7 Posted by dave123321 (34202 posts) -

Yeah this is a security nightmare

#8 Posted by caseypayne69 (5390 posts) -

I'm job hunting. This is shady activity.

#9 Edited by Barbariser (6743 posts) -

If he's asking you to disclose confidential and/or personal information, that's probably illegal and you should see if you can get the law on his ass.

#10 Posted by Korvus (4748 posts) -

First time I hear of a CEO that doesn't have access to all accounts anyway...they always have access to all accounts through theirs...

#11 Posted by Serraph105 (28283 posts) -

give him this as your password


#12 Posted by BeardMaster (1580 posts) -

In order for you to have a login and password there exists a database of accepted information it checks against. So if he really wanted the data he should just ask the DBA to dump the table to a text file and email it to him. Dude sounds like a hardcore idiot.