Skip to content

Living with Bad Policies

​CORPORATIONS ARE increasingly engaging in a number of employment practices that raise the risk of workplace violence. These include poorly handled employee terminations and requirements that employees train their own replacements. Security professionals must be aware of the potential implications of these policies at their own companies and must seek to mitigate the risks.


A man, whom we’ll call Jenson, was employed by a high-profile company for 24 years. Jenson was working at a customer location on the East Coast when he received a phone call from his manager, who resided in Arizona. Jenson’s manager asked him to take the call where they could talk uninterrupted for the next few minutes. Jenson did so, and was summarily laid off over the phone, effective at the close of business that day.

During the ensuing discussion, Jenson explained to his manager that he had at least another week’s worth of work to complete on the account. Since he had built a strong relationship with the customer,

Jenson was concerned about the reaction should he leave the job unfinished and not return. Jenson’s manager relented, but not before threatening the loss of severance pay should he disclose his new work status to the customer. Jenson subsequently completed his work at the account and left without incident.

A few days later, Jenson was sitting in the human resources office of his soon-to-be former employer. The HR representative discussed all the pertinent issues related to his dismissal and then wished Jenson good luck. Jenson, taken aback by the HR rep’s nonchalance regarding standard security procedures, inquired as to whether he wanted to escort him out of the building. The HR representative responded that he was sure Jenson could find his way out, suggesting that he not linger in the area or disturb other employees. Jenson walked out of the building, shaking his head in disbelief at what had just occurred.

The circumstances surrounding this true story are astounding in both the callousness towards the employee and the lax security practices. Terminating an employee over the phone demonstrates, at a minimum, poor judgment. Such an action initiated at a customer’s site, where the same employee could take out his frustrations on computer systems or the company’s own workers, invites disaster.

Couple this with the absence of any preventive security measures relating to layoffs, and one is left wondering how this multinational corporation has avoided a serious security incident. Fortunately, Jenson’s temperament and common sense meant that he presented no risk to the company. However, this isn’t always the case.

While the evidence is mostly anecdotal (since no one collects statistics on this), these types of poorly handled terminations appear to be increasing. Possible reasons run the gamut of the security spectrum: greater focus on external threats such as terrorism, rather than on internal threats; a failure at some companies to involve security in HR-related issues, such as employee terminations and layoffs; or a lapse in attention due to increasing layoffs and terminations.

Whatever the reasons, the negative implications for a company’s assets and image are multiplying. Companies should treat terminations with care by revisiting best practices. For example, companies should fire employees in person when possible, and management should never terminate employment while a worker is on a job site. Security procedures should be followed during a termination. Employees should give up badges and should be escorted from the building, no matter what their previous status.

Replacement Training

According to a recent survey conducted by the Washington Alliance of Technology Workers, almost 20 percent of information technology workers have lost a job or know someone who lost a job after being required to train a foreign worker, who then took over the job. It is not the purpose of this article to discuss either the political or economic ramifications of such a corporate policy. The security implications, however, are critical.

Companies have been known to use one of three approaches in the “train your replacement” phenomenon. The first is directing an employee to train someone without letting them know beforehand that the person will be a replacement.

The second approach involves notifying the affected employee that he will not only train his replacement, but that immediately thereafter, he will also have to relinquish his job. In some cases, incentive pay is offered to meet this objective. However, there have been reports of threats involving the loss of severance pay or unemployment benefits if an employee declines to participate.

The third method involves an interesting twist on the previous scenarios: Several employees are advised that they are training their replacements, but with the proviso that one of them will still have a job when finished—the idea being that all employees will put forth maximum effort into training their replacements if there is the possibility of continuing to work for the company.

From a security perspective, a “train your replacement” policy creates humiliated and angry employees. It takes only one employee in such a pressurized environment to overreact and lash out at others. The ramifications of such an outburst could cost a company far more than management will save through the policy.

Security managers should inform HR and senior managers that the practice could result in workplace violence. Assuming that the company insists on maintaining the policy, security can suggest that the company take steps to mitigate the risk. For example, it might offer incentive pay for the practice and involve the employee assistance program where available. If the company refuses to consider such actions, security managers must be vigilant in monitoring for signs of trouble.

Atmosphere of Distrust

Over the past several years, corporate scandals have hit a range of U.S. businesses, including Enron, Rite Aid, Tyco, Adelphia, WorldCom, Kmart, Qwest Communications, and ImClone, to name a few. Some of these debacles resulted in thousands of employees losing their jobs, and because they primarily had their retirement nest eggs in 401(k) plans tied to the company’s stock, these same employees often simultaneously lost their life savings.

These scandals and the damage done to employees have only intensified the atmosphere of distrust between management and workers in corporations in general. These factors do not bode well for security professionals, who depend heavily on employees to assist in securing the enterprise.

Ultimately, senior management and security must find ways to demonstrate to employees that supporting protection efforts is in their best interest. For many companies, this will be a challenging task.

The best plan includes emphasizing divisional or departmental loyalties, though not at the expense of the corporation. By framing security issues as in the employees’ interest because they help to ensure financial stability, security may succeed in getting some support.


Most security professionals are both familiar with and trained to handle threats generated by employees. But what happens when threats originate from corporate management and are directed at employees?

Like employee threats, corporate ones can be either direct or implied. In the case of Jenson, management directly threatened the loss of severance pay should he disclose to the customer that he was being laid off. For some of the workers who were asked to train their replacements, there was the feeling that refusal to comply with the request could have resulted in immediate dismissal. Whistleblowers in particular have had to deal with similar issues.

Corporate threats are not a new phenomenon, but tracking the actual number of occurrences and their severity is nearly impossible. In reality, most employees who find themselves in such situations do not want to risk the loss of their livelihoods—no matter how tenuous—and simply say nothing.

The problem with corporate threats, outside of the obvious legal and ethical dilemmas, is that they isolate the employee. Threatened with the loss of a job or severance package by management, the employee may think that there is no other recourse than to accept the situation and maintain silence.

From a corporate perspective, silencing an employee in such a way maintains a semblance of control. The worker is forced to accomplish needed tasks before exiting the company, and in return, he or she is remunerated for that effort.

However, being backed into a corner breeds resentment, which can sometimes result in retaliatory measures by the employee. One of the most frequently chosen means of retaliation is to wait until after receiving the benefits owed and leaving the company, then going to the press with a story of mistreatment. This kind of adverse publicity serves only to tarnish the company’s image.

Because security has no direct control over senior officials, the department’s only recourse is to carefully watch employees and try to mitigate any danger. For example, security must be aware of when employees are leaving and whether they have been fired or are leaving voluntarily. Then, security managers must watch for any threatening behavior from that former worker by giving guards a list of anyone terminated, with photos. The list should be updated daily.

Policies such as those discussed here engender worker hostility that creates fertile ground for retaliatory measures and perhaps deadly violence. Security professionals may not be able to convince management to discontinue such policies, but they can and must raise awareness of the risks they create and take steps to mitigate them whenever they arise.

Eric Harne is president of Harne and Associates in Dillsburg, Pennsylvania.