‘You're gonna revoke our admin rights? Fine, no problem.' : Terrible manager gets fired after employees maliciously comply with his new inefficient company policy

Advertisement
  • 01
    World - Security tells me no, ok it's no. TL;DR: a new security manager tries to make new rules that don't work, problems follow, he gets fired. L. www
  • 02
    Font - Posted by u/Available-Election86 13 hours ago Security tells me no, ok it's no. LOC
  • 03
    Font - So I'm gonna tell my story too. I'm on PC but not a native speaker, so I apologise for grammar. I work for a subsidiary of a fortune 500 as a manager of a dev team. I have 7 people under me, think L3 people very knowledgeable and driven to solve issues. We're all remote. I'm lucky my team is mostly great and we achieve the objectives we are given.
  • 04
    Font - One day, the new security manager decides that devs are not allowed to be administrators of their laptops. He writes a new company policy for it. It's a st show for us. It means my team can't work on some applications that requires administrative rights. Also, as devs know, some bugs need my guys to install/ desinstall/ reinstall the applications many times to make it work, changing only a few parameters each time. So I try to push back
  • 05
    Font - saying it might impact our service level agreements but the security manager doesn't want to understand and just sends me emails with "NO" in bold and caps. His boss is AFK for health reasons so I can't escalate as I would have.
  • 06
    Font - The only way to make my guys work is that we need someone with the admin rights to unlock them when they need it. That admin is part of the support center. So, cue malicious compliance, I ask my team to create a ticket each time. They're not happy about it of course. The support center manager isn't happy either,
  • 07
    Font - because we create a lot of tickets and his team has been understaffed for a while. I also tell all the other managers in my department to do the same, and even though they create a lot less tickets than my team, it helps.
  • 08
    Font - Of course this is my plan. If my team is unhappy, other people in the company are going to be too. So pressure piles up. The support center manager is unhappy, his boss saw the numbers increases too so he's unhappy too. He talks to my boss but hey, I have emails from the security manager.
  • 09
    Font - The support center manager asks me to be reasonable and asks for a number of hours per week. I'm a team player of course, so yes, I want to help him. I ask for 20h/week for a guy from his team to sit around waiting for my team to need him, unlock their install and then wait some more. I'm guessing the admin is pretty happy about it, because it's way less pressure than his normal job and
  • 10
    Font - there's not much to do but type in an admin password once in a while. It helps reduce (or not increase) the number of tickets, but the support center has less people so they resolve less tickets than before.
  • 11
    Font - Then comes the climax, one application has a critical bug outside of the hours of the support center guy. So I tell them as per my agreement with the support center manager and obeying the security manager, my team can't work on it yet, we'll have to wait the next day. It's a healthcare product so it means a lot of our customers are going to be upset about it (can't say too much, don't want to be found).
  • 12
    Font - Of course, I'm a reasonable guy, the support center manager is too, so we find someone with admin rights and put my guys to work. The resolution of the ticket takes much longer than usual to solve because of all the back & forth between the admin and my team. During the postmortem, it is found than the new
  • 13
    Font - security policy was the main delaying cause (every member of my team told the postmortem woman that, as I did). I have all the emails I sent to the security manager highlighting the risks of this new policy, and him saying he didn't care for it. I sent that to the postmortem woman and let her find her way in the politics.
  • 14
    Font - 3 months later, the security manager doesn't work for us anymore, and most members of my team (but not all :() have admin rights on their machine. I learnt that the support center manager has made his mission in life to complain about the security manager to everyone who would
  • 15
    Font - listen and have him fired. And the support center manager knows a lot of people in the company. His director agreed with him and with the postmortem woman (or her boss, not sure at that point), they convinced the VP to fire the security manager even before the security director came back from his health issue.
  • 16
    Font - TL;DR: a new security manager tries to make new rules that don't work, problems follow, he gets fired.
  • 17
    Font - dimercurio 12 hr. ago Well done. In the face of stupid regulations, follow them and let it fail. Document the reason for the failure along the way. Be ready to present the facts quickly. You did all that. You did the right thing. Vote Reply Share
  • 18
    Font - dan000892 10 hr. ago It's a reasonable regulation but it was addressed improperly. Might have been required for regulatory compliance critical to the business or to get cyberinsurance, but the guy didn't consider the business impact of the change or options to lessen it. Act like a tyrant, get overthrown like one.
  • 19
    Font - There are privilege management tools that whitelist specific applications and other actions be executed with admin perms by users and enable rapid approvals (like push notification to admin cell phone rapid) for admin elevation requests with justification by the requestor. Costs a lot less than half an adminstrator to manually perform the same function (and it creates its own evidence to prove compliance).
  • 20
    Font - AgreeablePie +3 · 11 hr. ago When you wrote "postmortem woman" I got worried, since this was in the context of a health application... ✩ Vote Reply Share
  • 21
    Font - GnowledgedGnome · 11 hr. ago The company I work for recently started issuing new machine without local admin. In order for the developers to get local admin a ticket, separate from the new machine request, had to be entered. We had some new developers onboarded that waited nearly a week for admin rights so they could configure and install software to do their job.
  • 22
    Font - Available-Election86 OP 10 hr. ago that happens too, I now send a list 10 miles long of all the softwares I need installed for a consultant to do his job. It takes them a ungodly amount of hour as they're not used to it. And it's for a 3 months job so it's a waste of time, really. Vote Reply Share ●●●
  • 23
    Font - kickapoo52022 +2.11 hr. ago I'm dealing with a similar situation. But my company has doubled down on the security regulations and we all still have to make tickets for support admins to do what we were able to in the past. Everything takes 2-3 times longer. I'm getting paid peanuts, so I'm looking for a new job.

Tags

Scroll Down For The Next Article