I recently discovered some concerning issues with an older IT technician in our company who's been here for over 20 years. When he returned from a long sick leave, he started checking various CDs, and it turns out one had malware on it. Since then, we've detected further issues on his PC, including attempts to access a honeytoken and the presence of potentially harmful files. I'm unsure how to approach a review with him about these problems. Should I interrogate him directly, and what questions should I be asking to get to the bottom of this without jumping to conclusions?
1 Answer
It sounds like you've got a serious situation on your hands. First off, check if your company has clear policies on how to handle these types of incidents. If your protocols are already in place, follow those. If not, that might be the bigger issue. You might want to consider if this employee is just out of touch with current tech standards or if there's something more malicious going on. It could be beneficial to limit his access while you investigate further.
What do your policies say about dealing with situations like these?