SOX Compliance for Temporary Labor?

  • Where I work we have a large amount of temporary labor. It's a warehousing and shipping environment, so many times we will have people work for us from a temp agency for a day or two. Right now we use a domain account that everyone knows and uses to log in, unless they are a supervisor and will have a personal profile set up (email, web favorites, mapped drives, etc.).
    Question is, having a new ID created for these temp workers just is not feasible. It's a 24-hour turnaround on the best of days through our helpdesk, and oftentimes we only find out an hour or two before the resource will be on site and ready to work.
    Therefore we're kind of stuck. Trying to be compliant with a unique and auditable login for each user … but also have to support the business in an effective way.
    Suggestions on where to look?

  • I would suggest having multiple guest logon IDs available and assigning them individually each day to the temp workers. At least this way, you do know who to go back to if an issue arises. These could be set with a password expiration of 24 hours and requiring a new password to be set up every day. This way, their use would be limited only to those people who establish the password. I would also suggest that the guest logon IDs have very limited access so that a temp worker cannot access anything where he could create a big issue.

  • I concur with Kymike:
    Guest Log-in, Daily Password Expiration, Access based on Doctrine of Least Privilege plus Quarterly Review of Generic ID System Log.
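
The review of the generic ID log suggested in the replies above, sketched as an added example that is not part of the original thread: it attributes each guest logon to the worker who was issued that ID and lists the logons nobody can be held to. It assumes a sign-out ledger is kept when IDs are handed out and a 24-hour password lifetime; every ID, name and timestamp is constructed.

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M"
TTL = timedelta(hours=24)  # password lifetime suggested in the thread

# Constructed sign-out ledger: (guest ID, temp worker, time the ID was issued)
LEDGER = [
    ("guest01", "A. Rivera", "2024-03-04 06:00"),
    ("guest02", "B. Chen",   "2024-03-04 06:05"),
    ("guest01", "C. Okafor", "2024-03-05 06:10"),
]
# Constructed logon events exported from the system log: (guest ID, logon time)
LOGONS = [
    ("guest01", "2024-03-04 06:15"),
    ("guest02", "2024-03-04 14:30"),
    ("guest01", "2024-03-05 05:50"),  # next morning, still inside Rivera's 24 h
    ("guest01", "2024-03-05 07:00"),
    ("guest02", "2024-03-05 09:00"),  # password expired, ID not reissued
    ("guest03", "2024-03-05 09:30"),  # ID was never signed out to anyone
]

def attribute(ledger, logons, ttl=TTL):
    """Return (guest ID, time, worker) per logon; worker is None if unattributable."""
    issued = {}
    for gid, worker, ts in ledger:
        issued.setdefault(gid, []).append((datetime.strptime(ts, FMT), worker))
    for entries in issued.values():
        entries.sort()
    results = []
    for gid, ts in logons:
        when, owner = datetime.strptime(ts, FMT), None
        entries = issued.get(gid, [])
        for i, (start, worker) in enumerate(entries):
            # A window ends at password expiry or at reissue, whichever is first.
            end = start + ttl
            if i + 1 < len(entries):
                end = min(end, entries[i + 1][0])
            if start <= when < end:
                owner = worker
        results.append((gid, ts, owner))
    return results

def exceptions(results):
    """Logons that fall outside every assignment window: the review findings."""
    return [(gid, ts) for gid, ts, owner in results if owner is None]

if __name__ == "__main__":
    for row in attribute(LEDGER, LOGONS):
        print(row)
```
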
