|  BlueWolf's Howl   | Comics and Art  | Higher Level  | Photography  | Poetry and Stories  |
|  Chess  |  Letterboxing  |
|  2003 Blogathon Archive  |   2005 Blogathon Archive  | 8th Layer Archive  | Blue702 Archive  |

BlueWolf's Howl

« Free Credit Monitoring? | Bluewolf's Howl | The Vista of Vista »

August 23, 2006

Who Do You Trust?

I guess you could read the title in many ways. You could put the emphasis on each of the four words in turn and get 4 slightly different meanings.

Information Week published an article (24 July 06) titled "Verdict's In: You're Never Too Safe From The Inside Threat" by Sharon Gaudin. It's about the trial of Roger Duronio - found guilty of computer sabotage for the logic bomb that hit UBS PaineWebber in March 2004. He was one of their System Administrators.

At some point, you have to trust your network to somebody. At some point, you have to actually trust them - so that they're not too handicapped to perform the job you're paying them to do. So how do you know they're worthy of that trust?

Well, actually that could be said about all your employees. How do you find the secretary that you trust with your official correspondence? How do you find the CFO that you trust with the financial management of your company? I think the answer is: you get to know them.

This is where the rub comes in. People want Magic IT. All of it should be performed in some nebulous global off-hours environment and should not interfere with your work. The elves should just all make it work in their little Keebler Tree and it should work no matter how you want to use it. Of course, they want you in their pocket and sitting by their side when they can't figure it out. But, you should just wave your wand and magically steer their clicks in the right direction - silently - so as not to disturb them with your geekiness...

Guess what? If you need to trust us, you should get to know us. Sure, some of us are a little 'different'... If we weren't, we wouldn't like this stuff so much. And granted, some of us could try a little harder to fit in. But, you really should make a bit of an effort to get to know your geeks. A little bit of social kindness in that desert goes a long way.

Earlier in that issue, an article by John Soat [Ten True Things About Technology] states:
"Only a small, self-selecting group of people refer to technology - software code, a network router, a Web browser - as 'sexy.' Those are the people you want working on your IT team."

Yes, you want the top people. But you want the top TRUSTWORTHY people. The Gaudin article focuses on the managerial protections that you can use to lessen the risk. It points to checks and balances such as a two-person process for coding (one writes the code, the other approves it before it can go live). Well, what's to prevent two people from acting together instead of a lone saboteur? Nothing.

The part that caught my attention was the information about his motivations. Apparently, Duronio was unhappy because his annual bonus was lower than he expected. Duronio was also convicted of securities fraud - since he bought nearly $25,000 worth of put options on UBS stock in the weeks before the attack. He was counting on the attack pushing UBS's stock price down, giving him a windfall that would make up for his bonus shortfall and fix his reported financial problems (according to the prosecution). WTF? Couldn't anybody do this? And why didn't anyone know he was so financially strapped? And what kind of bonus/yearly pay raise did he get? [Was it less than the yearly increase in the cost of living?]

I can understand an IT worker being disgruntled. We're expected to keep up with the latest technology - in our 'spare' time. It's been a very long time since I've even heard of someone being sent to training on the company dime. And after we put in all that time, effort and our own money -- we get diddley squat for an annual raise or bonus. Yet, some schmuck who spends the day surfing sports sites and schmoozing gets moved up the ladder and pampered at every turn. I'm sure they're really good at what they do -- because what they do doesn't change much! So yes, I can understand that he probably felt slighted. We all do. But we all don't let worms loose on our networks.

He'll probably never get another IT job again (after he gets out of federal prison). That's the thing that would bother me the most. Well, that's because I think routers are 'sexy.' And I also realize that there are plenty of shitty companies out there who don't value their IT people. But as I've said before... there's always a demand for those at the top. Become a top person - earn a top salary. And if it doesn't work out that way -- put your resume on monster.com and find the place that will offer you the salary you deserve. And keep bettering yourself in spite of your present situation. Eventually the good companies will be drawn to you - and it will all be worth the effort.

And in the meantime -- get to know us. That way you'll be able to tell the difference between me and Duronio. [He's the one with the beard.]

Posted by BlueWolf on August 23, 2006 09:05 PM