The San Francisco WAN Lockout incident is already written in the annals of IT history. I followed the development and the comments, and today i stumbled on a text Who is really to blame for the San Fran network lockout?. It does touch important issues, but leaves the white gloves on. So let's remove the gloves and point some fingers:
What was the situation?
- Apparently, Mr. Childs was the only person with unrestricted administrative right to manage the network, supposedly because of the incompetence of the other members of the team.
- The network is used to transport and manage all kinds of official documentation - including jail bookings and other law enforcement documents, payroll files, and e-mails
- He created an authentication scheme where only he had administrative access on the network.
- Apparently, the situation in points 1 to 3 was well know to the users and management, and was accepted as such.
- Mr. Childs clashed with the new Security Manager on the subject of authentication and control, which led to poor formal review
- The poor performance review and other undocumented power struggles led to the dismissal of Terry Childs and his subsequent arrest after he refused to relinquish the administrative passwords
- Terry Childs
- He played god and isolated all other network engineers from the network - thus preventing them from any chance to learn how to manage the network.
- He created and to date is enforcing the actual lockout that is the reason for all this ruckus.
- Terry Childs' direct line manager and the one level above
- They knew that Terry Childs had absolute control over the network and permitted that - If they were uninformed of the situation, they should be fired for gross incompetence.
- They did not create conditions for knowledge distribution and reduction of dependency on a single person (Terry Childs could have fallen ill or gotten in a car accident - they still need another engineer).
- They did not identify that there is a potential superiority problem with Terry Childs. This superiority problem usually manifests in insubordination when the control is taken away from a person.
- Poor human resource management - if all other network admins were so incompetent that administrative authority couldn't be given to them, why did they hire them?
- Top management
- They delayed or avoided implementing a security policy which Terry Childs would have had to obey.
- They did not create no single point of failure strategy for their personnel.
- Security Officer
- He did not identify a risk that the employee may cause serious problems and did not propose alternative workarounds - for instance - hire the equipment manufacturer professional services to regain control and lock-out Terry Childs.
- Entire line management
- Poor problem management - Once it became clear that it will be difficult to regain control over the LAN, they fired Mr Childs and called the cops. This only worsened the problem, since the cat is out of the bag, and the problem is still unresolved.
So, someone in the great City of San Francisco should now go around and actually look into the work of all named here, because incident caused by Terry Childs is just the effect, not the root cause!Talkback and comments are most welcome