Fatal IT mistake No. 1: Being careless about data backup
It was 10:30 on a Thursday night when the chief operating officer of a medium size clothing manufacturer called Schlissel informed that the ERP system of the plant has been wiped out by a virus, while they had a key deadline in the morning.
Schlissel, who was CEO of managed service provider GeekTek IT Services, headed down to the office of the clothing manufacturer to handle the situation personally. After three minutes of logging in, he realized entire data files were gone, as someone had purged the system.
It turned out a disgruntled IT contractor had enacted revenge by wiping the garment maker’s servers. But worse news was yet to come. The backups, which were supposed to run every night, hadn’t been working for a very long time. The most recent data Schlissel could find was a year old, making it virtually worthless. Add to this, the general-purpose IT guy of the company simply forgot to take backup. He surely lost his job the very next day.
Fatal IT mistake No. 2: Prying on the boss
A few months ago, Tom Thordarson received a call from the CFO of a medium size health care provider in California. Thordarson and his staff are frequently asked to act as a virtual CIO for small businesses and carry out forensic investigations.
The CFO informed Thordarson he suspected that someone was snooping on his mailbox, and he had a good idea who it was: the IT director of the firm.
Thordarson had one of his techs altered a real-time network investigation to send a silent alert in case anyone found reading emails they are not entitled to. Within next few days, firm discovered it was the director of IT who was reading not only CFO’s emails but also the messages from the CEO, the chairman, and other top bosses of the company. Needless to say, the person was found reading job advertisements next day.
Fatal IT mistake No. 3: Shielding the crime
Here’s a mistake that could have happened to anyone. The IT staff working with leading financial institution wanted to replace a disk tray for an older storage array. The vendor was asked to ship out a tray and the junior sales guy at the vendor shipped the wrong one that was incompatible with the old one. As a result, The array failed disastrously collapsing the entire bank’s system offline for around a week which cost millions of dollars. And that’s when Anthony R. Howard was called to troubleshoot and who was an independent technology consultant for Fortune 50 companies as well as the U.S. military. He identified three problems: one: the vendor shipped the wrong unit. The second was that the IT staff at the tried to install the array without waiting for the vendor to send a qualified technician. The third problem was that everyone involved in this entire mess lied about it except for the one staffer, who had the courage to confess what really happened and he was the only one who could manage to keep his job.
Fatal IT mistake No. 4: The porn identity
A couple years ago, a network admin was looking for an empty backup tape and came across one from the desk drawer of a senior system administrator. The moment he popped it into the drive, he was shocked to see it was full of data and filled with porn. And, the matter became worse because there were numerous other ‘blank’ tapes in the admin’s desk. Though it’s not illegal to carry those tapes, still the poor guy was terminated. Normally, IT guys know how to turn them off porn sites and organizations have strict policies and filters in place but high-level admins often exempt themselves from such restrictions.
Fatal IT mistake No. 5: Don’t keep the wrong secrets
Bill B. worked a network engineer at a leading U.S. Internet provider. However, an ex-colleague was asked to change the IP addresses on some production routers. As these changes could affect Internet subscribers, taking them briefly offline, normally such changes were made at night.
But this engineer wanted to avoid staying so late, so he changed the addresses at the end of the day before leaving office and turned off his phone so that he wouldn’t get disturbed during his off-hours.
That was his first mistake and the bigger mistake than this was that he consistently declined to document anything he’d done and had no idea which IP addresses he had already used in the past.
After he left office, the interfaces failed to come up as their IP addresses had already been used, which left around 5,000 subscribers without Internet access. When other engineers tried to contact him to figure out what went wrong, it was impossible to reach him.
It took a team of five network engineers several manhours to fix the issue and rectify the problem. The next day was his last day in the organization.