Initially makes me wonder how the employer could be so dumb as to give one employee so much access. But then I remember a former employer of mine did the same and worse.
Colleague was known for writing his comments in such a way that only he could read them, including mixing in German (US based company doing all business in English). He was also the admin of our CAD system and would use it as leverage to get his way on things, including not giving even default user access to engineers he didn’t like. We migrated systems and everyone was thinking, “this is it, the chance to root this guy out of the admin position” and… they gave him admin access again. Not even our IT department had the access he had. I left before the guy retired / was fired, this post is making me wonder if he left peacefully or left bricking the CAD system out.
Initially makes me wonder how the employer could be so dumb as to give one employee so much access.
Right now, just based purely on the access I need to do my day-to-day job involves me having access where I can pretty much nuke everything from orbit, with an ssh loop.
At some point, you need to trust your employees, in order to get work done. Sure, you can lock it all down tightly, but then you just made work take longer. It’s a trade off.
Initially makes me wonder how the employer could be so dumb as to give one employee so much access.
The amount of access he had doesn’t surprise me. He’d been there for 11 years already likely working on many things as he interacted with systems in the course of his legitimate work. While its possible to set up access and permissions in an organization utilizing the “least privilege principle”, its expensive, difficult to maintain, and adds lots of slowdowns in velocity to business operations. Its worth it to prevent this exact case from the article, but lots of companies don’t have the patience or can’t afford it.
Initially makes me wonder how the employer could be so dumb as to give one employee so much access. But then I remember a former employer of mine did the same and worse.
Colleague was known for writing his comments in such a way that only he could read them, including mixing in German (US based company doing all business in English). He was also the admin of our CAD system and would use it as leverage to get his way on things, including not giving even default user access to engineers he didn’t like. We migrated systems and everyone was thinking, “this is it, the chance to root this guy out of the admin position” and… they gave him admin access again. Not even our IT department had the access he had. I left before the guy retired / was fired, this post is making me wonder if he left peacefully or left bricking the CAD system out.
Right now, just based purely on the access I need to do my day-to-day job involves me having access where I can pretty much nuke everything from orbit, with an ssh loop.
At some point, you need to trust your employees, in order to get work done. Sure, you can lock it all down tightly, but then you just made work take longer. It’s a trade off.
My previous work didn’t revoked my access to their CMS. I was so upset when they laid me off after telling them my wife is pregnant.
But I ain’t that stupid.
Aren’t you no longer binded by profesional silence? Just log in into their DB, export it and try to get a seller
Again, not that stupid.
The amount of access he had doesn’t surprise me. He’d been there for 11 years already likely working on many things as he interacted with systems in the course of his legitimate work. While its possible to set up access and permissions in an organization utilizing the “least privilege principle”, its expensive, difficult to maintain, and adds lots of slowdowns in velocity to business operations. Its worth it to prevent this exact case from the article, but lots of companies don’t have the patience or can’t afford it.