July 22, 2008 at 1:44 am
I saw a recent article about a suspected rogue network admin in San Francisco called Terry Childs; details in the San Francisco Chronicle. I'm in England so it hasn't surfaced on the media radar. Anyway, it got me wondering.........................
When do you slip over the line from protection to paranoia? What are the signs that you (or your colleagues) can't ignore?
Madame Artois
July 22, 2008 at 2:18 am
I suspect that, as soon as the details of this case come out, the focus of blame will move to the people who were responsible for supervising the guy. I've seen this sort of thing happen several times, but with less dramatic consequences, and it is often a case that a technical guy is put under intolerable stress by management. It is inevitable that wierd things will happen in consequence. The more I read of this case, the more I wonder how it could ever have been allowed to get this far.
Best wishes,
Phil Factor
July 22, 2008 at 2:34 am
I thought so too. Some of us are a bit strange but I would have thought that he hadn't just 'gone off the deep end'. There must have been some reason why he tried to protect himself and the network this way.
On the other hand, some of us are 'Supreme Beings' and intensely territorial
Madame Artois
July 22, 2008 at 8:45 am
Some more info here: http://www.networkworld.com/news/2008/072108-terry-childs-rogue.html
I'd say that if you ever say, or hear someone say, "only xxx can do this", you have a problem. It's OK to have experts, but you have to be able to back them up.
I used to always copy down passwords and give them to someone when I was the only person that managed systems. I'd go to the CFO, I'd show him how to log in, give him the password, and instructions for logging in, which he verified, and the envelope would be sealed in our safe. Every time I changed passwords, I gave him a new envelope.
Multiple things wrong with that procedure. First, I determined when to change passwords. It should have been someone in management that required me to change them, scheduled an appointment, and then watched me change them.
Two, the contents of future envelopes were not verified. Someone should test them.
In larger companies, we changed passwords regularly, the manager assigning the task to someone in the group each month. That person changed them, logged them in our Password Safe, and then distributed that to multiple people.
This article should be proof of why you cross train and verify everything. No super-admins anywhere that are allowed to do what they want.
July 22, 2008 at 9:17 am
Yes, it is a fascinating story. We're now getting some accounts from his work-mates that ring true, for a change. It would be great to turn the whole story into a training video, and pause it at every stage of the process. Ask, What went wrong here. What steps taken at this stage could have prevented the whole thing getting out-of-hand. I know it is a network-admin story, not a database story, but the lessons are very similar.
Best wishes,
Phil Factor
July 22, 2008 at 11:36 am
management problem
there was a story this weekend where one of the co-workers was a source. this guy took all the responsibility on himself and thought he was the only one who could do the job.
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply