Today on Freaky Friday: The lonely path of the Admin Warriors*
16th December Leave a comment
Why is it that admins are that mighty?
First of all IT – as one of very few functions – has the power to shut down the whole company in seconds. Just switch off a critical router or delete some user rights – done. These guys have the power to really stop everything going on in a company, since today we rely on technology completely. Imagine a company without internal and external network, no working phones or mobiles …
The second reason is that IT (and especially the infrastructure and user administration) is barely seen as an important business function, but more as an expensive curse (“IT is something we have to do…”). Therefore these operations are under the radar most of the time. They ‘just’ have to make sure that the systems are running.
Thirdly: they can cover up pretty good if they screw up. Because there will always be some patches from Microsoft, a defective part of hardware and so on that can explain why something didn’t work. The funny thing here is, that these excuses are widely accepted. That is because in the past we all were conditioned that IT is defective and that some things just do not work. We know this from experience. Therefore we know already who to blame – the manufacturers. People just bear with it all the time. A colleague for example had the problem that every time he undocked his laptop from the docking station an put it back again his complete user account was locked – for weeks. After some automatic updates my machine at a client wasn’t able to connect to my home wlan, not to talk about a VPN connection – couldn’t be fixed over month.
May be you know The Bastard Operator From Hell (BOFH)? He is the role model for how to implement your sabotage strategy perfectly. Always find a good explanation and do the most havoc you can do without spoiling your position.
If you want to go for a more subtle way of destruction than deleting accounts or unplugging routers, go for user rights. Depending on the kind of people working in your company you have to choose wisely between two options.
Option 1: Secure it to death
This is easy to achieve. Just inform yourself of the newest regulations on compliance and security and you will see that your companies network is a piece of shit. So do everything to get rid of this severe security situation :-) On workstations it must be enough to log in and start outlook – anything else: denied. For development departments kick everyone off the deployment servers except the division manager. If you use CMS or shop systems, restrict every user right you can. In the best case the users are restricted so much, that they are not able to work (or at least need to use massive and costly workarounds for simple tasks). For example make the users to choose a new password every week. The perfect excuse is the regulations: it’s not your fault the company needs to implement them… This strategy is perfect, if you have folks that are hard working, straight forward and want to do a good and quick job for the customer.
Option 2: Leave it open like a barn door
Now here is the contrary. Do not implement security measures at all. Just use passwords if you need to and choose them to be weak. Do not use encryption. Make the infrastructure fail unsafe at critical points (hardware is sooo expensive…). Never make the user choose a new password. Allow as much developers onto the live system and into deployment as you can (in fact this is one of the most effective ones I know – had the chance to see systems crash several times due to people playing around not knowing what they were doing). Let everyone use his laptop with what he wants – with full admin rights. And in the end, do not use any user right restrictions in CMS or shop systems. Done? Now you just have to wait… havoc will come by itself… massive… destructive… It will come. A system crash, virus, system rollback, data loss and what ever you can imagine to happen with your IT.
As a result: if you ever think about IT departments again, think of them as a great source of subtle destruction. Keep a good contact with the people there and and make the most of this fabulous opportunity.
* Legal disclaimer: What you read here may cause havoc to your project, when applied. Neither ecomPunk.com nor the author will take any responsibility for the effects. So read carefully. You are responsible for any action you take (or not take) after reading!