General discussion

  • Creator
  • #2190000

    IT Admin “Was Fired” But… Was it a GOOD idea?


    by yowye ·

    There was an IT Administrator who had been fired from his Company, do to deliberate mismanagement of the companies network systems in order to acquire new products and software for which they proposed – was the best solution in order to fix the problem, however, A.S.A.V.M operates an internal investigation department… one which no employee had been aware of.

    They found in there investigation, that this IT Admin, deliberately mismanaged the net work to obtain software and hardware for both personal use and for personal private transactions.

    Now there is a new IT Admin running the show, which just became a circus… The old IT Admin, apparently created personal encrypted passwords which have locked in all essential files, and has been unsuccessfully decoded… now the company has become paralyzed by and Admin who no longer is with them.

    The first question is… If you were this new IT Admin, what course of action would you take?

    And the second question is… Do the companies you work for have back up plans for the unexpected… what ever the unexpected may be?

All Comments

  • Author
    • #3070319

      They sacked him

      by tony hopkinson ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      beore they obtained access to their own kit and a secured it from him ?
      I’d want to leave and go work for someone with a brain cell.
      You’ve only three options, rebuild the entire system, get the passwords off the ex-admin, or hire some people who can break in. The middle option is still the easiest.

      • #3070317

        Totally agree with Tony

        by neil higgins ·

        In reply to They sacked him

        if someone had done something no doubt totally against company policy,I’d expect them to be hauled up before the “top dogs”,and ordered to unincrypt the system,even if they’d been fired.Other than that,the “idiot” who’d set this chain of events in motion,so that the company ended up in this mess,should also be fired.Me,I’d be off to work for a more sensible bunch.

        • #3070721

          one for the lawyers

          by john ·

          In reply to Totally agree with Tony

          Either use hacking software to pull the passwords from the registry or run brute force software on the passwords and get them that way. You can even take the discs to a data recovery firm and have them obtain the data. Document everything and give those docs to the legal team. This is probably a federal offense.

          Inviting him back in to unlock the files is asking for trouble, no telling what he will do while he’s there! He could steal, corrupt or just break your systems, or commit any number of malicious activities.

        • #3070665

          I just went through this …

          by ·

          In reply to one for the lawyers

          I just went through this, I own a consulting firm in Scottsdale, AZ, where we offer outsourced IT services for companies. We act as their Chief Technology Officer, and they rely on us for everything from phone service and systems, to computers and servers, to copiers, etc.

          We recently had a run in with a client, where we would not release a password, until payment was made in full on the last invoice for service, as we didn’t think we were going to be paid. This client went nuts, and ended up calling other clients, making false statements to federal agencies, etc., so we decided that we weren’t going to be paid for the invoice, so why would we give up the password? It’s their fault for not demanding to know the password while we were all on good terms, I figure.

          Anyway, everyone always says that this is a federal case, when one won’t give up a password. I’d love to see the statute one is in violation of when they refuse to simply tell someone a password which they know? I don’t believe there is anything that can be done, except maybe a civil law suit, but proving that is a difficult thing at best to do.

          My 2 cents worth, anyway.

          Incidentially, we signed Non-Disclosure agreements will all of the rest of our clients after this client acted up, and we canned him, included in there, is an agreement about how the last invoice is handled, and how the password is handed off, if the relationship ends, so all works out in the end.

          -Toby Alan Dion

        • #3068802


          by tonythetiger ·

          In reply to I just went through this …

          That’s the equivalent of the landlord locking out the tenants for not paying rent, which is illegal in most if not all states. Though there may be no statutes now, I would not be surprised to see some pretty soon.

          It’s just a personal opinion, but I think you were wrong to not turn over the password, instead you should have taken the client to court for payment.

          “It’s their fault for not demanding to know the password while we were all on good terms, I figure.

          A company that takes intentionally takes advantage of its client’s ignorance is not a company I’d recommend to my associates…

        • #3068785

          Good analogy

          by mgordon ·

          In reply to Wow.

          Pretty good analogy. Another is a mechanic’s lien; if you take an automobile in for repairs, they do not have to give you the automobile back until you pay. Am I wrong? Anyway, I looked it up; it appears that in Texas, landlords can lock you out, in Hawaii, they cannot. This suggests that it depends on whether you are in a “red” (republican) or “blue” (democrat) state.

        • #3068774

          Further study…

          by mgordon ·

          In reply to Good analogy

          I see that even Texas makes a distinction between legal and illegal lockout. See paragraph 8, near the bottom of or in other words, lockout is permitted if certain procedures are followed. However, it also includes a rather bizarre requirement that even after being locked out, a former tenant can demand a key and get it within two hours or the landlord faces penalties.

          Now then, whether a contractor more closely resembles a landlord or a mechanic is something we may wish to explore. The landlord receives payment from the tenant, but the tenant has special protections because it is his domicile. In cases where this special case does not exist, I believe a mechanic’s lein is a better analogy.

          In the state of Washington, a mechanic’s lien requires only the provision of, and acceptance of, a written estimate for the cost of services. This creates temporary “ownership” by the mechanic; the titled owner of an automobile can be charged with theft for removing his car from the mechanic without payment. In this case cited on this page, the mechanic failed to provide a written estimate and thereby lost his rights under the mechanic’s lien.

          The application of these concepts to information services is fairly straightforward. the contractor is the mechanic and temporarily owns not only the contractor’s own work, but such of the client’s hardware and software as is being worked on (including passwords).

          Full disclosure: I’m not a lawyer, but maybe I’d be pretty good at it.

        • #3068586


          by tonythetiger ·

          In reply to Good analogy

          I don’t know. I was just offerring an opinion.

          I was most concerned with the “so we decided that we weren’t going to be paid for the invoice, so why would we give up the password?”

          and then “It’s their fault for not demanding to know the password while we were all on good terms, I figure.”

          The two statements seem incongruous to me. If he was entitled to the password “while you were on good terms” then it should have been provided to him then. Blaming him for something you failed to do seems “unbusiness-like”.

          It also seems illogical to do something to damage someone’s ability to pay because they won’t.

          Red State/Blue state? You give 2% of the population (the difference between 51 and 49) too much credit. Laws are enacted because situations arise requiring intervention by the government, nothing more.

        • #3068585

          Good Lawyer?

          by tonythetiger ·

          In reply to Good analogy

          maybe. Profitable? probably.

        • #3070893

          I am with…

          by eternal confusion ·

          In reply to Wow.

          You say things like “Takes advantage”. Exactly how does the consultant/contractor watch out for himself? This is a world where the burden of proof is almost always on the innocent. I would cover my arse the same way. Going to court, been there done that and it took over 6 months of never ending BS before it was settled and guess what, they do not pay you for time lost going to court!

        • #3044657

          Covering arses

          by tonythetiger ·

          In reply to I am with…

          A healthy start would be putting terms and conditions in plain language at the start, spelling out all of the forseeable “if/then”s at the beginning of the business relationship.

          In the particular example I replied to, it appeared that the contractor was negligent in not giving the password to the client at the beginning of their relationship, and only later using non-payment as an excuse. Most people I know would see a problem with that.

          Oh, and if you include the lost time in your claim, it is often compensable.

        • #3114947

          Right on…

          by twaka ·

          In reply to Wow.

          I agree with the previous post. Even though there are no loyalties either way between employers and employees these days, there are still certain obligations.

          The IT Admin was wrong, and the boss mishandled the situation. The organization is also paying for not having the proper policies in place and a proper disaster recovery plan. Too many times the treat is viewed as coming from the outside.

          There have been similar cases which ended in court and the company won! So beware.

        • #3068796

          Burn the Admin

          by wernerlr ·

          In reply to I just went through this …

          Toby described a completely different scenerio than Tony & Neil. Toby had a legitimate reason for denying password(s) from their client and should/probably would prevail in court.

          As far as I’m concerned, the admin described in this thread should be prosecuted to the full extent of the law.

          The admin apparently carries the ethics of a snail. Not only did he/she violate the policies of the company paying their salary, they also violated the principals that any reasonably ethical person carries.

          They abused the company system for their own personal gain and intentionally encrypted and held back passwords that the company needs to carry on their business.

          Certainly, immediate management carries some of the blame for allowing this to happen, but the admin bares direct responsiblity for intentionally making it happen.

        • #3068772


          by tony hopkinson ·

          In reply to Burn the Admin

          He caused a security incident so he could authorise the purchase of an enterprise security solution instead of relying on the windows firewall. Clowns who let themselves get shafted like this probably thought they were safe.
          Why he got sacked misses the point,there have been and are many law-abiding admins who could easily end up leaving their employers in a similar state.

        • #3057968

          only if

          by jeffersnet ·

          In reply to Burn the Admin

          Only if the admin was ever asked the password or if there was some policy that the password had to be stored in a certain place.

          No one has said that the admin was ever asked for his passwords.

        • #3070983

          Generally agree with wernerlr

          by user@# ·

          In reply to Burn the Admin

          The company does need a quick transfusion of brain cells to make sure this does not happen again, but the Admin has more than bent a few laws. At the very least, he needs to pay for all costs associated with regaining control of the programs, plus costs for lost productivity. It would be a lot cheaper for all if Admin just gave over the passwords. NO WAY do you let him onto the system without adult supervision– and there may not be any available at this company.

          Now, how do you handle this in the future when you are contacted about Admin’s past employment? Current law makes it difficult to say anything negative, but I would think one would be morally required to report the unethical (and probably illegal) conduct of Admin to any possible future employers.

        • #3046718

          Not illegal!!!

          by jeffersnet ·

          In reply to Generally agree with wernerlr

          Someone has to ask for the password. The problem with so many people is they rush to judgement. A good admin will keep his password secret and if someone fires him and doesn’t ask for the password I don’t see why that is the admin’s fault. As for the reason he was fired you should read the post because you will find that it does not say he broke a law or did anything unethical, this is just another assumption. The post says he used the company resources to buy something, it didn’t say it wasn’t work related. Maybe he bought something so that he could do a better job supporting the users. Remember, the post does not give the details.
          It is too bad that people always assume the worst out of everyone without checking into the facts.

        • #3043558

          Yes it is illegal

          by jmgarvin ·

          In reply to Generally agree with wernerlr

          You cannot “steal” IP from a company in such a way. The precidenct has been set!

          Also, the admin must give the incoming admin the new passwords and any other information that may keep the IT infrastructure from functioning properly once the previous admins leaves.

        • #3046403

          Probably more of a tort than a crime

          by stress junkie ·

          In reply to Generally agree with wernerlr

          I suspect that this is more likely to be a matter for civil court rather than criminal court.

        • #3115752

          Again, NOT illegal!! READ THE POST

          by jeffersnet ·

          In reply to Generally agree with wernerlr

          If you read the actual post you will see that it does not ever say he broke a law. It does not say that he refused to give the password or that he locked anyone out of anything. As far as anyone here knows he was never asked.

          It is a big stretch to say he broke a law, some of you just don’t read very well or always jump to conclusions. If you have the ability to solve problems with computers then you should be able to apply that to other areas. If you don’t have anything on your monitor do you assume the monitor died? I would check the power and look for other causes while some people here was just get mad and throw away a perfectly good monitor.

          THINK!!!!! USE YOUR GREY MATTER!!!!!!!!!!

        • #3115721

          Jeff I suggest you read the OP

          by jmgarvin ·

          In reply to Generally agree with wernerlr

          “They found in there investigation, that this IT Admin, deliberately mismanaged the net work to obtain software and hardware for both personal use and for personal private transactions.”

          Unethical behavior. This is the first glimpse we get as to how the admin acted and his ethics.

          “… The old IT Admin, apparently created personal encrypted passwords which have locked in all essential files, and has been unsuccessfully decoded… now the company has become paralyzed by and Admin who no longer is with them.”

          I think a lot can be infered here. No company were just “not ask” the admin for the passwords and stay dead in the water. Further, the Admin locked out essential files that the company need to operate and did not provided the passwords because they have “been unsucessfully decoded.”

          I think I agree with Stress that this is a tort, but IP theft can fall into the criminal realm (although I’m not a lawyer, I just know that IP theft is a fuzzy area as far as criminal vs civil suits)

          As far as using grey matter, the OP stated that the admin was unethical and implied that he/she would not give up the passwords….

        • #3115535

          I read it and I do not see anything illegal about what the IT Admin did

          by jeffersnet ·

          In reply to Generally agree with wernerlr

          Since this is the WWW we can’t all have the same standards as American’s would have. I usually assume that people are not guilty until there is some sort of evidence and it does not ever say in the post that there is evidence. You are trying to read between the lines and I just don’t see what you do between those lines.

          How about looking at this line, “operates an internal investigation department… one which no employee had been aware of.” The internal investigation department may not have any technical knowledge and may assume that since they can’t get into the administrator account then it must be encrypted. This secret group may not even have any experience, we don’t know because there just isn’t any information contained here to lead us to believe that they know what they are doing. If you were to read history books you would find many examples of people who did nothing wrong being investigated by secret units. I’ve seen people who have been taken to the cleaner because of some moron who has been put in charge of security and they get on a power trip.

          I do not get the impression that a fair investigation was conducted at all. I also do not get the impression that most of the people here would be willing to listen to the admin’s side of the story if we were able to figure out who he or she is.

          We do not know what the person was using the companies system to purchase. It appears as though the admin used his or her own money to purchase something using the companies time and contacts but was it to have a copy of something to gain more knowledge for work? I use my companies time to purchase books from Barnes and Noble so that I can fix problems quicker at work.

          While my experiences are not exactly the same as what is posted here I have had a run in with secret investigators in an agency. The investigators tried to go after an employee who was suspended because he had his position listed in his signature of his personal email. The employee wrote a supervisor asking when he would have his hearing and the signature at the end of the email contained his title and below that it listed his work email address. The investigators assumed that he was illegally using the agencies email system because of the signature even though the email came from a personal acccount. The same investigators went after an employee because there was a folder on a file server that was named with that employee’s name. The investigators assumed that the employee was responsible for all of the folder’s contents even though the whole agency had full permission to the folder. The folder contained pictures of women and even though none of them were nude they charged the employee with using the state’s resources for personal gain. The employee received a warning even though no one could prove who placed the pictures there. No one bothered to ask one of the system administrators for information on the folder.

          No, I never assume that any secret investigator knows what end is up and what end is down. I will also stick up for people who I feel haven’t been given a fair shake until I hear enough of the story to make up my mind. It does make me upset to see so many people being so quick to jump the gun.

        • #3115454

          Try comprehension then

          by oz_media ·

          In reply to Generally agree with wernerlr

          Reading something is useless without comprehension. In just about country, it is illegal to tamper with company owned equipment. As the OP stated :
          “this IT Admin, deliberately mismanaged the net work to obtain software and hardware for both personal use and for personal private transactions.”

          This is against the law, in most countries we use the term THEFT to describe such action.

          “The old IT Admin, apparently created personal encrypted passwords which have locked in all essential files, and has been unsuccessfully decoded”

          This would also be constituted as corporate sabotage and theft, if allegations of such encryption are correct.

          Now you have also stated that he was probably never even asked, which is a fair point also and I agree that in most similar cases, the admin would hapily give up such info as needed….but who knows what else he has installed, encrypted or hidden that he still has access to?

          Regardless of company policy, regardless of whether this is in America, England, Canada etc. This is still unlawful as it hinders the company’s ability to conduct business as it normally does in a day to day fashion. They have had the locks on the front door changed and they weren’t given the key. (perhaps that will allow you to see the issue here). Even if they called and he returned with the keys, he has STILL tken it upon himself to change the locks, which would also be just as ilegal.

          So while this would most likely be resolved by a simple phone call, what the admin has done IS ilegal by laws in most countries that I’ve worked in.

          So now we come to the investigators, they accuse him of locking out the system, yes that could be fraudulent if proven.
          You dont trust investigators, neither do I, the problem is the admin hasn’t provided his passwords, this is theft of company property, and if a simple phone call doesnt bring him to action, then a lawsuit should follow. As you say, give hi the benefit of the doubt, if he doesn’t offer ALL passwords and open access to ALL systems, have him arrested.
          The guy has made unauthorized changes to the system. He has left with private company information, which may even be used to access critical client data, passwords, employee information, financial records, etc. Again, he would be a theif in any country I’ve visisted.

          His ONLY, and I repeat, ONLY way of saving face is to return with all passwords and physically unlock all systems with the new admin present. At that point the company should then change all the passwords, restrict access and provide a strict, written company policy regading usage just so others understand the difference between shopping for office supplies and theft.

          With or without policy, with or without investigators and with or without speaking to the admin, he has broken the law and stolen from the company. He can either admit it and come clean, or face prosecution.

        • #3115916

          No brains, no headache OZ must not need aspirin

          by jeffersnet ·

          In reply to Generally agree with wernerlr

          OK, I give in. String him up, it will teach him a lesson. Let’s just cut off the hands of everyone who we think may have taken something.

          Who cares if the old IT manager really did anything wrong. This is just about finding a reason, any reason, to go after anyone. After all, if you are not able to lift yourself up in any way then the only way you will ever make yourself look better is to step on whoever you can.

          I don’t care what other stupid thing you have to say, I’m not coming back to this discussion again. While there are a few people here with the power to reason there are way too many without any reasoning power like OZ.

          Hasta la bye bye, I’m out of here….

        • #3116701

          Oz, I think you hurt jeffersnet feelings

          by jmgarvin ·

          In reply to Generally agree with wernerlr

          I think he might be crying in a corner RIGHT NOW…

          What do you have to say for yourself!!


        • #3120220

          Yes it is a federal case!

          by jimpen ·

          In reply to I just went through this …

          “At the time, a relatively new statute made computer sabotage a federal offense if it affected a computer used in interstate commerce and caused more than $5,000 worth of damage to the company over a 12-month span.”

          It is a federal case denying access to a companies property (data).

        • #3068712

          Iron hand in a velvet glove

          by mdisbury ·

          In reply to one for the lawyers

          You can nicely ask him for the passwords, failing that suggest that the matter will be put into the hands of the legal team, followed up by discussing the matter with every agency in town to make it hard for him to get another job.

        • #3057972

          ask first

          by jeffersnet ·

          In reply to one for the lawyers

          From what I’ve read so far I am not sure that anyone asked for the password. A good admin is going to keep the passwords secure and there is a good chance that this person would just tell the new IT manager the password. Of course there are a$$holes out there who would rather go after someone when they are down because some people have no other way of making themselves look good to others. Bad managers build themselves up by stepping on other people.

        • #3072475


          by timbstoke ·

          In reply to ask first

          Part of a good IT admin’s responsibility is precisely to keep the network passwords out of the hands of users. This includes senior management, as much as they would like to suggest otherwise.

          In the fired admin’s position, I would want a written request from one of the company directors, detailing exactly who I was to pass on my responsibilities to, before I would release any passwords to anyone. If there wasn’t anyone in the company who the director was prepared to hand over responsibility for the companies entire infrastructure to, I would leave an email and snail address with the company, so that the director could get in touch when such a person was available.

        • #3044968

          I agree with John

          by brent ·

          In reply to one for the lawyers

          If he can get away with what he’s already done for as long as he did, the last thing you want to do is let him back in. Bruteforce or a Data Recovery Firm would be my choice as well. With documentation for proper litigation if needed.

          However, from the admins point, it was his responsibility to maintain security. Giving up passwords to the wrong people would most definitelybe a violation of that responsibility, no whether or not he’s been fired. If I were him, I would have left contact info, or requested my replacements public contact info, to pass on the necessary passwords and such. This assumes that I didn’t feel jaded in some way by the company that let me go. If I did, I might be a little less willing and then simply let them come to me.

      • #3070217

        Warning? No Back up?

        by duct_tape101 ·

        In reply to They sacked him

        Before Canning him did they give talk to him giving a warning to stop this type of activity? I agree that there needs to be a backup system. This should be the First thing when seting up any system Back-up. Maybe they Did the man a favor by canning him. Like Tony said go work for some with a brain Cell or 1/2 half one

        • #3059935

          Talk to him?

          by 2manycerts ·

          In reply to Warning? No Back up?

          “Hey could you not mismanage our network and steal from us? That would be nice. Um, oh and by the way, can you decrypt everything and give us your passwords? Thanks”


        • #3070611

          If he did what the guy said

          by tony hopkinson ·

          In reply to Warning? No Back up?

          it’s gross misconduct that’s instant sack and potential prosecution for fraud.
          However a bent admin is not the problem, the real problem is he was the only one with the passwords.
          What if he’d got dead, or even hospitalised, what did they do when he was on holiday ?.
          This situation reeks of unprofessionalism on all sides.

          Ignorance is not an excuse it’s a reason.

          However they get out of this, if it was me taking responsibility for sorting this situation, I’d make a definite point of doing it right. Someone above this admin, either had his head in the sand or someone’s ass.

      • #3060435

        I would ask

        by jdmercha ·

        In reply to They sacked him

        Who in their right mind has only one person in the company with admin access. Never mind being fired, what if he/she got hit by a bus on the way to wowrk? You’d still have the same problem.

        The admins boss should have the same level access. Even if the boss is not an IT person, they can at least hire a consultant to do the work with the boss’s account.

        • #3059927

          president, evp, ceo. et. al.

          by jeremiah2911 ·

          In reply to I would ask

          jdmercha u’r right, president,evp should have same level access even if he/she is not an IT person, anything can happen to those gurus… maybe hit by an ambulance! … : )

        • #3070769

          et al? I don’t agree

          by jforan ·

          In reply to president, evp, ceo. et. al.

          You do NOT want anyone having any more access than is absolutely needed. If you have the staff, you shouldn’t even have more than a pair of “enterprise admins” (for lack of a better term, not necessarily the MS group name) per region. It’s a bad idea to give the right to accidentally destroy any and all systems to a guy who may be great with numbers, great with “closing the deal”, and great with managing people, but clueless about the ramifications of trying out the latest tip from his high-school-age kid.

          The best executives I’ve worked with understood their roles, and they understood that this most often means they don’t need admin level acces. Why would you risk it, especially if you have compliance issues to worry about?

        • #3070610

          They don’t need access

          by tony hopkinson ·

          In reply to et al? I don’t agree

          They need to know where to access the access, so they can pass it on in the event of an interuption in service. They’d have had the same problem if this guy was underneath a house in Kashmir, or visting his relatives in New Orleans not so long back.

        • #3060698

          Password Override

          by toad464 ·

          In reply to president, evp, ceo. et. al.

          When setting up computer a password that subseads all other passwords and can unlock all and any part of the computer and software this password can also change or remove all passwords bar its own this password is used only by the ceo or full owner of the company and if its dune right you don’t even need to be an IT Pro to do it when other people use a system that can be tamped with or when a person whom could be fired or just leave for what ever reasos should not I repeat should not have access to the main control password they all should use secondary and third passwords depending on the needs and the persons job fuction.

          Thomas the Toad

        • #3070772

          due diligence

          by davidvangelder ·

          In reply to I would ask

          In my position I keep a spreadsheet of all my vendor contacts complete with account numbers and passwords, all the software CD keys, and every single thing that reuires a logon name/password. I also keep my Administrator password here, and my personal password as a Domain Admin in it. About every month I give a copy to our Business Administrator ‘just in case’. I owe them this as part of my responsibility to be the caretaker of the network and their data.

        • #3070622

          I agree

          by dryflies ·

          In reply to due diligence

          Each time I go through a password cycle, I record all of the passwords, software keys, license details, and computer inventories on a CD. The CD is sealed in a jewel case and put in the Lead administration office Safe Just in case I win the lottery. (It’s much more fun than being hit by an ambulance 🙂

        • #3057936

          what if they don’t ask the business manager

          by jeffersnet ·

          In reply to due diligence

          OK, depending on the company size and other factors the business manager may not have been asked for the password in your situation when you get fired (not that it will really happen)and so now there are a bunch of people suggesting coming after you. Now, if the company is run by a jerk who doesn’t want to look bad in front of the County Attorney then this business manager may have been told to keep his mouth shut when they finally figure out that the old IT manager wasn’t such a bad guy after all.
          This kind of crap really does happen. Make backup plans for backup plans for backup plans for CYA purposes.

      • #3069770

        He was the Guru?

        by ozi eagle ·

        In reply to They sacked him

        If he was the Guru of IT at the company, the rest probably didn’t have a clue to what danger they were in. I mean if one truck driver “dies” you just hire another, don’t you.
        They obviously have no appreciation of IT and its traps.

        • #3069550

          Now there’e a scenario

          by tony hopkinson ·

          In reply to He was the Guru?

          we have no experience with in IT.
          All my colleagues agree with me.
          Mr Spanner, Mr Driver and even Miss Hammer.

          Sounds like a classic case of no management let him get on with it followed by an executive extremity and then what’s known in technical circles as a cluster****.

        • #3059939

          Crazy and Lazy way to do business

          by teajay9001 ·

          In reply to Now there’e a scenario

          Actually managment should have took a hit on this one. To entrust a single admin with you entire network/business infastructure is a piss poor manangment/security practice. ALL passwords should be documented and locked in a safe with dual control access. A company policy with full manangement involvement should be developed and carried out to the tee. I agree with Tony the company should lick thier wounds and hire his ass back. Then develope and administer the policy have him sign it then give him a permanent layoff.
          (just keepin it legal).

        • #3059932

          Hire his ass back?

          by 2manycerts ·

          In reply to Crazy and Lazy way to do business

          “Sorry we fired you for STEALING. Gosh, can you come back and decrypt everything? And give us your passwords? Thanks”

          Seriously? The guy is a THIEF. Do you think he would ever do this?

          “Um…why do we need it decrypted? Uhhhh… special reasons… No, we would NEVER fire you. Oh yeah. Okay, we would never fire you AGAIN”

        • #3059907

          Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          by lsmith1989 ·

          In reply to Hire his ass back?

          HAHAHAHA… This sounds like a line that came out of Office Space the movie.

        • #3070663

          Don’t bring him or her back!!!

          by thetech ·

          In reply to Hire his ass back?

          I must say what he did is ever funny, as for removing the password. Well I see some of you mention going to a data recovery lab that?s will work if you willing to send upward of 20,000. Or more. You can always try other Ideas here are some site I have seen.

        • #3070602

          I did n’t say hire him !

          by tony hopkinson ·

          In reply to Crazy and Lazy way to do business

          If he was defrauding the company I’d prosecute his ass. Part of his show of guilt for it would have been the professional way he helped pass over his reponsibilities.

          When I said ask I meant.
          Stage 1
          As a fellow professional …
          Stage 2
          We are initiating legal proceedings …
          Final Stage
          Give me the passwords or you get a visit from my friend Critical Bill.

        • #3068936

          Rule of Two

          by wayne m. ·

          In reply to He was the Guru?

          I can’t really tell from the description whether firing was justified or not. The issue people should take away from this, though, is the risk associated with relying on a single individual.

          One rule I enforce on every project I run is to have at least two people involved in every task. In addition to redundancy, this provides some side benefits. This is an excellent way to train someone in a new technology or task; the expert can serve as a mentor. This also allows the expert to work on his leadership and communication skills. Lastly, because the work is shared, the expert now has time to learn a new skill in a different aspect of the project.

          This is not an IT issue or reflect a lack of knowledge of IT. Every position in the company from CEO to worker on the loading dock needs to have someone who can step and fulfil his responsibilities. Yes, I really mean all the way down, because I have seen major projects and proposals nearly come unhinged because no one knew how to send an overnight package. Duplicate all job roles.

        • #3060018

          Can I work for you?

          by bwohl ·

          In reply to Rule of Two

          Wow…that budget must be awesome – 2 people where only 1 is required?

          You work at GM or Microsoft?

          (Can I bring my friend…you need two?)

        • #3059933

          Let me work for YOU!!!!

          by teajay9001 ·

          In reply to Can I work for you?

          A good manager seeks end results. If I put all of my eggs in one basket and drop the basket I’m through. This guy who got fired, suppose he got hit by a car, got sick or even died. The company is in the exact position. I tell you what, you bring your friend and I’ll fire you BOTH.

        • #3070768

          The Cost is Not Double

          by wayne m. ·

          In reply to Can I work for you?

          The cost of having two people able to do any task is not double, and the planned costs for training the second person needs to be compared to the unplanned costs incurred when a single source is not available.

          When training the second resource, there is a short-term duplication of effort, but once trained, duties can be split. The split does not need to be 50-50, but the backup should have enough work to maintain familiarity. This frees up the primary to be trained and serve as a backup.

          Even in a one-man IT shop, it is valuable to train one or more non-IT personnel on IT duties. I guess, though, there are some people who prefer to get paged on a day off when a tape backup fails or some other glitch occurs.

          Duplication does require some extra costs, but these can be planned for. I prefer this approach to hoping that a predictable disaster (e.g., someone being absent for a day or indefinitely) will not occur.

        • #3070707

          A wise man once said listen to Wayne

          by xerxes612 ·

          In reply to The Cost is Not Double

          Wayne has the right answer. It sounds like you have run a few projects in your lifetime. Plan ahead, life is similar to a chess game.

          Comment: Kind of a Monday Quarterback answer. This is a fix you don’t want to get yourself in to begin with. Seems you will need to pay big bucks for a security firm to come in and decrypt passwords. Hiring back is not an option you want to even think about. If thi man was sabotageing the network to get new products he would raher work with, I wouldn’t let him back on the property. Matter of fact, maybe not even within wireless range.

          Good luck in your endeavors.

        • #3070615


          by too old for it ·

          In reply to The Cost is Not Double

          A company that does not limit stratigic thinking to next Friday’s earnings forcast.

          Where do I send my resume?

        • #3068845

          it’s not just in it…

          by jaqui ·

          In reply to The Cost is Not Double

          my habit, even when I worked as a cook was to train all my co-workers to be able to handle every position in the kitchen. since I was usually shift boss, I made sure everyone I was working with could do my own job. maybe not as well as I could, but they had the skills needed.

          about 3 weeks after I got everyone up to speed, I had management tell me I was indispensable. I told them I wasn’t. ( and took a week off without notice ) they got the point real quick on the value of my habit. every person who regularly worked with me was able to handle the shift.

        • #3070656

          Cost of Doing Business

          by mgordon ·

          In reply to Can I work for you?

          I concur with the two person rule and there’s slightly more to it than that — they should be cooperative but not “best buds”. As the old saying goes, “Who is watching the watcher?” You have two admins able to watch each other, cooperative but maybe slightly suspicious of the other one. Maybe each has a sniffer; everyone knows it and keeps the admins honest.

          It would be expensive if people think “inside the box”; two network engineers, two server admins, two helpdesk staff, etc. But a smaller company can keep the two without busting the budget quite easily; it is what we called in the Navy “collateral duties”. One person is the network engineer and another the database administrator (DBA). The Network engineer obtains SQL knowledge and is the backup DBA. Not an expert, but a backup. Likewise the DBA can obtain some Cisco training, maybe get CCNA certification. That way you may, on paper, still only have one of each, but in fact, you have two of each.

          I am emphatic about this and spend typically 1/10th of every day training my subordinates in my skills. I’m also a Boy Scout leader and do the same thing; if a Scout can do it, the leader should not. Likewise at work. In many areas I am the expert. This produces strange results — upper management is often quite young and does not comprehend the strategy — I’ll take a tier 1 helpdesk call so that my new technicians can work on a complicated (to them) database or Cisco problem. They don’t want to be Tier 1 forever and I want to go on vacation someday! They must learn my skills so I drill them pretty hard sometimes and to make it so I sometimes take the easy or tedious stuff like installing a printer driver for the 500th time.

          Sometimes younger people do not recognize what is happening and suppose that the elder is just lazy; but in fact the elder is surreptitiously watching carefully to head off disaster in case what the junior is about to do would be a Bad Thing.

          Some of my best mentors were real a**holes that made me angry and thus I became motivated to show my stuff.

          One solution to the obvious problem of making the CEO an administrator (he is not so where I work) is an ‘escrow’ where the boss or secretary keeps certain critical information.

          Companies that do not think of this are obviously lower on the Darwinian evolutionary scale and may not survive a shakeout event such as a rogue administrator taking the keys of the kingdom with him.

        • #3060007


          by oz_media ·

          In reply to Rule of Two

          You are right, you can’t tell from the description nor would anyone [b]really[/b]know why unless directly involved.

          I find in most similar situatios, it’s not the final action that created the decision. It’s often for other reasons and they were just looking for SOMETHING to justify their want to fire him to begin with.

          It does sound like the guy had a few irons in the fire, was interested in other things and was a bit sketchy, trust wise. But him, just like anyone else in the world, won’t curl up in thefetal position and wait to die, he’ll just move on to bigger better things, the company will grow bugger and better and life goes on.

          He is a thieving ba*tard though, I’d nail him to the wall for it.

          Then again, due to the company’s own inaction, hey may not even realize they are locked out. A quick phone call, now he’s probably cooled a bit, is likely to result in his happily offering all passwords.

        • #3059929

          …whether firing was justified

          by 2manycerts ·

          In reply to Rule of Two

          “…deliberately mismanaged the net work to obtain software and hardware for both PERSONAL USE and for PERSONAL PRIVATE TRANSACTIONS.” [caps added]



        • #3070773

          Have the new IT guy call…

          by thesnowfamily ·

          In reply to …whether firing was justified

          I think the only way they will get the passwords is for the new IT guy to call. “Hey dude, listen I don’t know you and had nothing to do with your getting fired. I realize your probably pissed at ABC Company but my life is crap right now because they are breathing down my butt to get these files open. Can you please help a guy out of a mess?”

          Might not work but I think has a better chance then the guy who fired him calling. I also find it hard to believe the files cannot be hax0red. Sounds like the company is just too cheap to pay the right amount.

        • #3070802

          I agree

          by issinho ·

          In reply to Rule of Two

          You know, I agree with this whole “Rule of Two”. Sure, the ideal (and cheapest) way to go would be to only have One admin. Lord knows we all want to be The ONE! C’mon, how realistic is it to only have one person in control of everything?
          The company I work for has an entire team devoted to network and system administration. That way, in the case someone leaves the company (on good terms or not) you still have others with the “Power” to administer the system. Sure, the other members of the team are probably not paid the same as the team Lead, but they still have all the same rights and privileges that he has. It is very feasable and doesn’t require a huge budget to have an additional admin. Simply start them out a little lower and with a different title. Then, make your current Admin. the Lead admin. Is that so hard?

        • #3070775

          Three deep…

          by just watching now ·

          In reply to Rule of Two

          Heartily agree with the rule of two, but it’s a minimum. Back (in ought eight) when times were flush, management tried to keep all skills in the hands of three people.

          In today’s world, one deep suffices. So this one admin was a 24/7/365 one-man show? May have been a little bitter, too.

          Do a simple cost benefit on all three proposed fixes above. The hacking company won’t come cheap. Rebuilding the system won’t result in the same system. I’ll bet the old admin would give you the passwords for a few thousand bucks.

          Take it out of the education budget.

        • #3070641

          Management dropped the ball

          by abrannon ·

          In reply to Three deep…

          Management should have documented everything before the fired him. There are plenty of reasons why you would need password/server builds/network setup documented. After they fired this guy they should have forced password changed company wide. My current employer had a similar situation occur and they did exactly what I suggested. When one person didn?t change his password the ex-IT guy logged in and sent some bad email to a few people. End result is Document Document before you get rid of the guy that runs the show. When he leaves make sure you?re now the only one with access. Management should swallow their pride shell out the $$ to get a legitimate password cracking service to open things up.

          As far as the current IT guy goes, I would help this company get their IT in shape then leave for better waters.

        • #3068701

          Importance of documentation

          by dfnet ·

          In reply to Management dropped the ball

          I agree the importance of documentation. This should be part of IT management to ensure the continuity of business. What happend if the only “know all” guy had a misfortunte and cannot come back to work? With proper documentation the company can ensure smooth transtition with minimum disruption to business. Although it is tedious to maintain good documentation of everything but at the minimum there should be a good disaster recovery plan, and this is what a “disaster” can do to company….

        • #3070718

          Rule of two is correct

          by john ·

          In reply to Rule of Two

          When I started with my company, it was a one-man IT shop before me. I spent the first year wrangling with management and the admin to get a full set of passwords for everything, and the admin guy made it real difficult. It took pressure from the top, but as soon as I got them I made up a spreadsheet and gave a copy to each of the owners of the company. I told them that these passwords are your property, along with the data and systems that they protect. I feel lucky that I was able to do this before any real need for it surfaced.

        • #3068783

          I wish my company that was that intelligent

          by ssampier ·

          In reply to Rule of Two

          We have the same problem in my company. The IT staff is fairly role specific (system admin, network adminstrator, etc), so anytime someone is gone on vacation or sick, we are stuck; we have no one else to turn to. I would even be willing to shoulder some IT burden with only a slight increase in pay (2% should do it).

        • #3068732

          he’s not drinkin!

          by davidvangelder ·

          In reply to Rule of Two

          He works for Booz! Wayne you MUST work for Booz Allen, that is textbook BAH…and you are right of course…it’s also a great way to build team unity and share successes.

      • #3069648

        Why was he sacked?

        by sheiba ·

        In reply to They sacked him

        The company must have checked the admin out before he was hired. Obviously he was OK. Did they sack him for being inefficient, incapable or was he doing something illegal? If the latter call the police, you may get the passwords that way. If he was sacked for other reasons then have a good look at your hiring policy!

        • #3070672

          Re Read the Original Post

          by whiteknight_ ·

          In reply to Why was he sacked?

          Sheiba, the original post stated
          “They found in there investigation, that this IT Admin, deliberately mismanaged the net work to obtain software and hardware for both personal use and for personal private transactions.”

          Is this not sufficient reason for you?

        • #3068775

          Read the post, MAN!

          by code4life ·

          In reply to Why was he sacked?

          The original post explained he was fired for illegally downloading software using company network. What part of *ILLEGAL* don’t you understand?

        • #3068741

          Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          by pickleman ·

          In reply to Read the post, MAN!

          Uhh, no.
          Actually, the original post says no such thing.
          At no point was there any mention of anybody downloading software illegally.

        • #3053535

          First things first. Locking up data actionable…

          by boomslang ·

          In reply to Why was he sacked?

          If you have a lawyer worth his salt, this guy could be put up on felony charges if he does not divulge the passwords. Tampering with or intentionally destroying your comany’s data can and does land you in the clink.

        • #3046473

          ummm….. didn’t really read the post, did you?

          by jeffersnet ·

          In reply to First things first. Locking up data actionable…

          As far as you or anyone else here knows the old Admin has a folder on or in his old desk with the password that nobody has asked for. Or do you and about 3/4 of the people here think the admin should of had a huge neon sign made with the administrator password flashing for all to see.

          I am so glad that I don’t work with you or anyone else who assumes they know things that are never stated.

          If you fire someone you first need to ask for the passwords because you must have been too stupid to have a plan in case something happened. Failing to ask for the password does not place the blame on someone else.

          We don’t know if the firing was really justified but since people are wanting to assume so much here lets just assume that the old admin didn’t feel it was justified. Now, with the old admin headed out the door do you think he or she should have stopped and said, “Wait, I want to tell you where I wrote down my administrator password that no one seems to care about.” NO WAY, the admin should have just walked out and let them worry about figuring it out when he knows they never cared enough to plan this out.

          I change my password from time to time and I do not announce my new password nor will I ever announce my password or put it up on a post it note for all to see. In my current job there are plans in place in case one, two or even three people with that much permission has to be replaced at any time. We never know when a tornado or something may keep a few people away. In my last job I made plans and documentation but I know that a lot of people in administration won’t be able to remember where the information is kept because they just don’t really pay attention to what the IT people say. Just about everyone makes a plan of some type but sometimes you just need to ask.

        • #3115303

          Ok, what did you base that on?

          by boomslang ·

          In reply to ummm….. didn’t really read the post, did you?

          [quote]Now there is a new IT Admin running the show, which just became a circus… The old IT Admin, apparently created personal encrypted passwords which have locked in all essential files, and has been unsuccessfully decoded… now the company has become paralyzed by and Admin who no longer is with them.[/quote]

          So, is this a case of his personal user account and EFS with a forced password change that now is denying access, is it a case of a lost admin password, or rather that he went in and applied his own encryption to critical company data?

          Sounds like he intentionally locked up the data to purposefully deny access. Activity like this has been successfully prosecuted in criminal law courts and any company with a lawyer on retainer is going to head in this direction whether you or I like it or not.

        • #3115910

          missed my point

          by jeffersnet ·

          In reply to Ok, what did you base that on?

          I was just saying that from what I read I am not so sure anything was done by the old admin with the intent of locking anyone else out and maybe the old IT admin was just trying to keep the admin password secure. I just don’t trust secret investigators who may or may not know anything about IT. The secret investigator comment in the post was what set me off.

        • #3115847


          by boomslang ·

          In reply to missed my point

          Some rules with computers…

          1) Never do anything illegal on a computer. The only way to remove all traces of activity on that machine are to do a full hard drive wipe with multiple overwrites.

          2) The fact that the drive has been wiped is a good indicator that it once held data that the investigator needed to see and depending on the size of the business and what they do, this may be a crime.

          3) Even if you do wipe the computer, there are always logs just about anywhere that show what activity has occurred.

          4) Most Evidence Eliminator programs don’t. If you are using the computer for what you think is harmless activity, all it takes is a good session with Ontrack Easy Data Recovery to bring a good portion of all the e-mails and sites that were erased unless you are running something like BCWipe to wipe slack space. See 2)

          5) And here’s the big stickler… Never trust anyone to believe something was done innocently. IT is always viewed as having too much power because the people you work for usually have no understanding of or wish to understand the technology you work with. Never do anything shady to begin with because your reputation is on the line. Shoot straight and be ethical for your own sake and never rationalize or justify diddling the company you work for… It is better to find a new job than try to get even with imagined or real slights by your employers.

        • #3115301

          Be glad you don’t work for the company down the street…

          by boomslang ·

          In reply to ummm….. didn’t really read the post, did you?

          Agreed upon that the owner of said company, “Kenny” is an extremely hard but in his own way, fair person to work for.

          Anyway, they are a company with some quite high tech computer driven metal machining equipment. One of the employees got disgruntled and decided he would bring the operation to a halt. He took one key computer in the engineering department, put it in his car and drove to his California digs. Kenny got word of it and decided to hunt the guy down. In the resulting fracas, Kenny stuffed the business end of a Colt .45 up the guy’s nose and proceeded to tell him all the ways Kenny could make his life difficult in the presence of Kenny’s brother and another of the employees who came along for the ride. They got the computer back. Whatever Kenny told the guy must have impressed on him that insanity is not a good thing to come up against because he never pressed charges.

        • #3115908

          that is illegal

          by jeffersnet ·

          In reply to Be glad you don’t work for the company down the street…

          Now, that is against the law in anyone’s book for sure.

        • #3115859

          Yep, completely and totally…

          by boomslang ·

          In reply to that is illegal

          But a really good warning that as someone with a little power in IT thinking that they can walk away with the store because they feel they have been slighted can lead to rather deadly situations. I relate it to make a point.

          If you are an admin and you are working for a company and you think that you are justified by NOT TELLING THEM THE PASSWORDS when you leave, make sure that you are not working for an ex-Navy SEAL or any type of war veteran. They once operated under very different rules than you have and if they saw combat, they know how to wield some very scary power, and they just might not care about the legality. The best bet is to early on, find another job if you work for them.

          Same goes for any city where you have any type of organized crime. It takes nothing to happen to know a member of the local Cuban or Russian mafia who’s willing to take a swat at you for a small favor.

          You might think that what the company has done to you justifies your actions, but locking up their data resources is unethical. If you did it intentionally, there are worse things than civil lawsuits. Your national government after all has, under the PATRIOT act, redefined a lot of minor things out there as terrorist acts. Who you work for and what you do can mean the difference between being in a managerial spat where no one wins and hotel greybar time.

      • #3059930

        Documentation Documentation Documentation Documentation

        by holdupmaster ·

        In reply to They sacked him

        This scenario should never have occured.
        Good system administrators keep documentation on design / configuration / and builds. These are active documents that managament also have access to. They are invaluable in Disaster Recovery scenarios and in environments where there are multiple admins and also so that workload can be transferred, for holidays / people leaving.

        All sysadmins should have proper documentation of there system. In my opinion not doing this is not doing the job properly. Dont whinge about doing it, as it will save your skin in the future, and also enable you to bring juniors into the team more easily… You can just give them documentation to read, a build / config doc etc etc.

        Password documentation, or password management software should be in place and the information stored securely. If he hadnt been documenting his system I’d have sacked him long ago.

        • #3070782

          I agree, but….

          by mscidba ·

          In reply to Documentation Documentation Documentation Documentation

          If that were the criteria for firing administrators, there would be a HUGE amount of “forced turnover”.

          As a consultant, the companies I’ve entered where that information WAS documented is definately in the minority. And, oddly, it seems to have nothing to do with company size (i.e. I used to think larger companies would be more structured).

          Lucky for me, that’s often one of the first recommendations I make and get paid to complete.

        • #3071060

          GOOD Admins….

          by stuart_at_oz ·

          In reply to Documentation Documentation Documentation Documentation

          I think the key phrase here is GOOD system administrators…..


      • #3070824

        Admins are not support people

        by gkchege ·

        In reply to They sacked him

        IT has been for a long time left without clear reporting functions. Employers MUST insist on more than one person doing the data security. Most have an admin who doubles up as manager and maybe even support person – ‘the IT guy’. In such cases, only one person has relevant/crucial passwords. It is then easy to be held hostage. Still, if the damage is done, the best option is to pay the former admin handsomely and get the system up, then do it right with the new admin.

        My advice for the new admin, either recommend the best option or get ready to rebuild the systems. Worst case scenarios, go underground and find hack specialists!

      • #3070792

        Isn’t it pretty to think so

        by givemejava ·

        In reply to They sacked him

        Somehow I doubt that this guy will be all that helpful if you call and ask for the passwords. You should try, but I expect he’ll just laugh in your face or attempt to charge you $1000 per hour in consulting fees.

        Where was the management? Why were they not insisting on thier own seperate authentication for these files? These boobs deserve the punishment they are getting for thier own stupidity.

      • #3070755

        Hoo, boy, do they have trouble

        by jackuvalltrades ·

        In reply to They sacked him

        Tony and Neil have hit the nail square; There is really not much other recourse. I also agree that jumping ship is probably a wise idea in the long run. Fix it up, be the hero, get the gold star on your resume and get out, quick. It sounds like this company is going to be looking for a bunch of fall guys to shield themselves from their obvious screwups.

        • #3070742

          I am an IT Dept. of ONE

          by aaron ·

          In reply to Hoo, boy, do they have trouble

          I have read most of this discussion, and see a lot of my own company in this. We are not very large, and at present time have no need for more than a single Admin/Engineer etc. Right now, I am all of these roles. Whenever I deploy anything, I keep hard copy notes of everything I have built, and generally print the “how to’s” or at least install directions for every open source and other application I compile and setup. I have a hard copy in a filing cabinet of every important .conf or similar file. I have detailed network diagrams of everything piece of my network. Most of which didn’t exist when I took over from an external consulting agency that was previously fulfilling my duties. Everytime I change an admin password I document it, and make sure my boss (the CTO) has it stored securely. This is just as much for my own protection as this company’s. It is plain and simple, this is the difference between a “paper cert.” and real world experience. I insist on at least one other person knowing nearly everything I’m doing or not doing on a weekly basis. Again, mostly for my own protection. I find absurd that management didn’t require this of that particular employee, however previous to my coming on board my company had been in a very similar situation with another consulting agency. Clearly this particular individual deserved to lose his position, however there is no excuse for management’s conduct either. Hopefully they have learned (a very costly) lesson.

      • #3068676

        Easiest ? My…my…

        by system sitter ·

        In reply to They sacked him

        If the case is true. The issue here is no longer about best practice… it’s about personality, attitude.. trust.
        Which means the network itself no longer can be trusted.
        It’s most unfortunate (financially AND technically) but I don’t think there’s any choice at all. Rebuilding is the only way.
        Pay attention though… rebuilding doesn’t mean overnight.. it is manageable. Some can not wait… but many can be sort out as the company go along…

      • #3071788

        It’s theft

        by server queen ·

        In reply to They sacked him

        Walking off with either passwords or company data still in your possession is no different from retaining your key to the front door, or keeping your company-issued laptop or credit card. It is theft, as electronic information is still “property.” That case has been fought in court many times; the former employee would lose. You do not have the right to retain passwords to the systems of a position from which you have been terminated. Contact the former employee and require the passwords. If the employee does not provide them, then legal recourse should be taken – JUST AS YOU WOULD DO IF THEY STOLE ANYTHING ELSE.

        Whether or not the employee was truly malfeasant is not an issue. The issue is leaving a company while still in possession of company property. If it is not promptly returned, it is theft.

      • #3060793

        agree with Tony as well

        by rbtux ·

        In reply to They sacked him

        Best way is to contact ex-admin before it gets to late and issues become out of hand, and secure any type of back doors the ex-admin might of put in to protect yourself. Work on policy’s as well for company to go by for future issues of same nature.

      • #3043609

        No Good Deed Goes Unpunished!

        by thumper1 ·

        In reply to They sacked him

        I worked for a firm for seven years as the Network Admin. During that time, the network had a total down time of four hours. They asked me for a network upgrade proposal which I gave them in detail, including wanting to bring in a server consultant to insure a smooth transition. They said ?Thank You? Nothing more was said for four months. I thought they decided not to proceed. Next thing I know, they are announcing a total network upgrade. They went to the consultant I was going to use and hired him. Luckily, I had made arraignments for other employment. Had I not, I would have been let go. My reward for maintaining a reliable network was to be outsourced. No good deed goes unpunished.

    • #3070302

      I’ll Tell You What I Would Fire Someone For

      by prwexler29 ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Bad grammar! “…do to deliberate…” “…net work to obtain…” “…paralyzed by and admin…”

      Sorry to sound like a schmuck, but, oh my God, forget about firing someone for fraud when you should fire them for being “dyseducated!”

      • #3060516

        Forget about firing someone for fraud?

        by ·

        In reply to I’ll Tell You What I Would Fire Someone For

        OMFG! You don?t just sound like one, you are a schmuck! Or maybe, yet another displaced, out-of-pocket, better-than-thou English major, so convinced of their own sense of superiority that they can’t even follow a simple topic without interjecting their own “righteous” values upon everyone else.
        So the grammar was bad, could you follow the intent? Or are you so wrapped-up in sentence structure that you fail to see the worth of any statements not sent through spell check?

        To answer the question, I have to somewhat agree with Tony Hopkinson; but I only see two options as opposed to three: 1) rebuild, 2) get the passwords off the ex-admin. I do not see hiring people who can break in as a valid option because of all the new security problems that would create.

        • #3060327

          I wasn’t on a about a chap with

          by tony hopkinson ·

          In reply to Forget about firing someone for fraud?

          a domino and a bag marked swag.
          They break in, reset the passwords, get opaid an go home.

          As for the poster on Fraud, might not have worded it better, but this balls up could end up costing the business much more than than they were beoing defrauded. I just don’t get how they let this guy out of the door with out reseting the passwords, and for that they’d need his.
          If he’s not being prosecuted , he must be laughing his ass off at these idiots.

        • #3069669

          Not an English major….

          by mart1n ·

          In reply to Forget about firing someone for fraud?

          He would have spelt paralysed correctly if he was.

        • #3069561

          US Spelling

          by gsg ·

          In reply to Not an English major….

          Sorry, but “paralyzed” is how it’s spelled in the US, so, would be acceptable in this case. Yes, the spelling and grammar do make the document marginally difficult to understand, however, get a grip, people.

        • #3068809

          Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          by crawk ·

          In reply to Not an English major….

          … if he WERE.
          (subjunctive tense – used to indicate something that might be but isn’t)

        • #3068930

          Legitimate Password Cracking Services

          by wayne m. ·

          In reply to Forget about firing someone for fraud?

          Please note that there are legitimate services that do provide password cracking services. These have saved many a company by unlocking laptops, etc.

          The suggestion is to use a legitimate service, not find a high school or college student to break into the network. Start with the providers of your servers and see if they can provide any recommendations. Passwords become lost for a variety of reasons, and having some crack a lost password should always be considered as an option.

        • #3068835

          ethical hackers..

          by jaqui ·

          In reply to Forget about firing someone for fraud?

          SANS uses these. they have several at every convention to hack a network, where said network is from a participant in the security convention.
          this is done to show the participants current tools being used by hackers.

          so get some of these guys to hack the passwords out.
          they are used to getting paid by a company to hack the network, risk of criminal activity is far less than you suggest.

      • #3069847

        Where’s the relevance?

        by oz_media ·

        In reply to I’ll Tell You What I Would Fire Someone For

        Where does typing skill in a public forum correlate with IT management for your company?

        Take a pill.

        • #3069740

          just another know it all

          by rapell ·

          In reply to Where’s the relevance?

          atitued gai who tnihks we sue englis to srot pobrems. For all we kwno the dude mite be german and he juts wasnt to participate and share with su at TR. Lest start gramar thread fo him. yes Oz is rithg, wrhere is engliski teh language if IT??

        • #3070841

          Reading this, dizzy I got!

          by lsmith1989 ·

          In reply to just another know it all

          Reading this, dizzy I got!

        • #3071059

          Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          by stuart_at_oz ·

          In reply to Reading this, dizzy I got!


        • #3068833

          english is the

          by jaqui ·

          In reply to just another know it all

          language of IT since 90% of all programming languages, configuration files etc, are in english, or use english syntax.
          ( c, c++, basic, cobol, visual basic, perl, python … all use english as base for the language )

          not excusing any attack on someone, who may not be a native english speaker, just addressing the point of english as language for it.

        • #3068696

          Very true

          by oz_media ·

          In reply to english is the

          But English grammar is not part of programming.
          Probably why they call it a ‘programming language’ and not ‘writing an e-book’.

        • #3069689

          Attention to detail

          by chip_langowski ·

          In reply to Where’s the relevance?

          The quality of a person’s writing is often a direct reflection of the quality of their work. Learning from past mistakes, I no longer hire people with poor spelling and grammar skills…

        • #3069562

          Bravo. Can I work for you?

          by sirbyteme ·

          In reply to Attention to detail

          I cannot agree with you more.
          Understand that I am no English major, but I am so tired of techno-geeks thinking that their tech skills make them so almighty as to be able to ignore all other aspects of their existence.
          “Forget about spelling, grammar, grooming, personal hygiene, fashion, manners, etc…..I don’t need them….I’m a GURU!”

          All of the pieces make up the whole.
          Others are out there with the same or better skills who are actually in touch with the rest of society to the point that they inherantly understand that every little bit counts.

          Part of my hiring process includes a writing test.
          If I ask for a report/proposal/documentation/etc. from them, they damn well better produce something that is legible and does not need to be translated from pig latin!

        • #3069133

          Are you naturally offensive

          by tony hopkinson ·

          In reply to Bravo. Can I work for you?

          or did you pick it up as part of your language skills.

          Pig latin ?

          Unfortunately I would be disbarred on account of my poor handwriting from being employed by your good self, there again that might be a good thing, because you sound like a walking talking personality conflict. You seem to be guilty of the same disrespect and unwarranted generalisations as those you rail against.

        • #3069125


          by oz_media ·

          In reply to Are you naturally offensive

          Sorry, but those companies can have their staff, not interested.

          I couldn’t imagine working with a company that was so blind to real talent and simply based it’s choices on academic criteria, even demanding certs is a way of employing people while wearing bliders. Any dummy can hire a certified employee, how about finding the right fit for your company instead, it’s more work but the employees are generally better too.

        • #3070798

          Real issue

          by issinho ·

          In reply to Exactly

          From what I have seen, the only real reason to have certs is to get past the gate guards-Human Resources. They are the ones that really use certs as a way to weed out the thousands of Applications and/or resumes and get the ten or even the hundred interviews. The interviewer decides whether or not the person is the right fit for the job.
          Don’t get me wrong, I agree with you. Talent and knowledge is much more valuable than a piece of paper. Hell, anyone can study and memorize a test. What does that person do when the Sh*t really hits the fan? More often than not, he goes running to a co-worker asking for help. Someone with experience in said circumstance would figure out the right solution.

        • #3068694


          by oz_media ·

          In reply to Exactly

          And that’s why I would NEVER email a resume for a job ‘offer’ or ‘posting’.

          I contact ‘the powers that be’ directly and sell myself instead, it’s a great way to earn more than other employees, it’s a great way to get the ball in YOUR court, because they want your skills and abilities at that point, it’s up to you to decide how much your worth and what services you will provide for their money, not the other way around.

        • #3070620

          Lost focus

          by krawnsley ·

          In reply to Are you naturally offensive

          I believe originally I began reading this posting to identify what was happening. I am not sure we have a grip on the issues at hand. It is easy to place blame, and throw comments back and forth. I am sure this is out there to remind ourselves there is an issue and we all should protect ourselves as well as understanding the potential pitfalls.

        • #3070596

          Hostile removal of an admin is known issue.

          by tony hopkinson ·

          In reply to Lost focus

          Not sure why we went off topic apart from someone thought better handwriting and spelling would have prevented the situation in the first place.
          Seeing as we were discussing this as a technical issue, some of us felt it necessary to point out that this might not necessarily be the case.

          Wouldn’t want the types in charge of us to think this was a solution, after all that would be unprofessional.

          The pitfalls are enormous, this is like finding out your spymaster works for the enemy, you can rely on nothing they’ve been involved in.

          Hardly mentioned at all is the fact that if they don’t have the passwords, he still does !. That would worry me personally.

        • #3070812

          Respect IT Field and others

          by itengineerguy ·

          In reply to Bravo. Can I work for you?

          As far as the Admin that got fired, he should have offered the company all passwords when he was terminated. Always leave in good faith whether firing is justified or not. IT people should always have the highest respect for the IT field and remember there is someone taking your place.

        • #3068707

          Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          by pickleman ·

          In reply to Respect IT Field and others

          If only everything in the world were so black and white…

        • #3068763

          Seeking Good Character

          by mgordon ·

          In reply to Bravo. Can I work for you?

          I regret some of the responses to your message from persons who otherwise possess excellent judgement.

          I suspect some people miss the point of your message — you are speaking of arrogance, hubris and/or pride. Or in other words, you see in sloppy writing and dress a character deficiency that may well also manifest itself in the invisible world of programming and administration, as well as suggesting management and reliability problems with the employee.

          If you are hiring an expert, the idea is that he or she brings something to the table that you cannot already do for yourself. If that is so, how can you judge the “guru” on a topic for which you may not be expert? You cannot. We use a proxy to make the judgement; a person that has educated himself or herself and is well dressed and articulate makes a big positive impression at the hiring table. Soon enough you’ll know if he or she can also program a Cisco router.

          It is my experience that about half the people in Information Technology can neither write nor spell well enough to be displayed to the public or even the CEO and board. People that might know words but fumble the typing should avoid tasks that require precision on the command line — database administration and Cisco router programming.

          As to people that cannot spell; let us consider two possible reasons: They cannot learn or they choose not to. If the former, why shall we suppose such a person can learn the complicated languages of technology? If the latter, it bodes poorly for initiative and character; when is such a person going to start doing things correctly?

          Sometimes it is funny — a co-worker wrote our suite number as “sweet 200” and it is still there on a domain registration for the whole world to see.

          With the decline in employment opportunities and the resulting large number of unemployed IT workers, I have and continue to counsel the ‘whole person’ approach — be mindful of your impression upon the CEO, investors and other influential persons. Dress well, speak well, write well; these are the things by which you will be judged by the people with money. What I do with Cisco routers is absolutely invisible to everyone except our consultants. My back-end computer programming is invisible. The entire project is judged only by that which is visible, namely the web page interface.

        • #3069548

          You said it yourself

          by oz_media ·

          In reply to Attention to detail

          ” is often a direct reflection of the quality of their work.”

          And OFTEN it isn’t, so to use it as a blanket to deterine who’s best for th ejob is pathetic.

          Yu can’t get through certs and testing without a good understanding of English, typing skills are important for a programer but not most admin work.

          Again though, this is just a public chat room, not exactly a place where English skills need to be demonstrated. I too just don’t care if punctuation and spelling is correct here, you want accurate copy you can pay me for accurate copy.

          And what’s with an American claiming he speaks proper English anyway? Perhaps a proper version of the bastardized English spoken in North America, but it sure as hell isn’t proper English.

        • #3070650


          by jhogue1 ·

          In reply to You said it yourself

          George Bernard Shaw remarked that the British and Americans were two peoples separated by a common language.

        • #3069534

          Amen Brother!

          by bhalley1 ·

          In reply to Attention to detail

          If a techie doesnt see the need to communicate using correct grammar and spelling, what would make a hiring manager think they are going to be any more accurate with their technical duties?

        • #3069118


          by oz_media ·

          In reply to Amen Brother!

          This is BARELY one step above text messagin on a cell phone. NOw people are expected to live up to YOUR understandin gof proper English? Get a life and find somewhere relevant to focus your energies.

          This isn’t a job interview, it’s a discussion forum.

          One thing that really sticks out to an employer is never to hire a self rightous know-it-all who thinks his s**t doesn’t stink. You wouldn’t have a snowballs chance in hell of getting hired by a real company.

        • #3068704

          Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          by pickleman ·

          In reply to MY GOD! THIS IS A CHAT FORUM!!!

          So…what you’re alluding to then, is that you should present yourself as being nothing special…just an average slob, with nothing superior to offer when compared to the previous 20 Joe’s that they just interviewed.

          Yeah…way to go.
          Super strategy there..

        • #3068678

          Not at all, I wasn’t ALLUDING to anything

          by oz_media ·

          In reply to Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          I think it was quite clear what I meant and anyone with any staff management experience would understand exactly what I wason about.

          As for 20 Joes, only a mediocre conformist would be in an interview process with 20 other people. That’s for the people/schmucks who wait for job postings to seek work, super strategy there.

          How about a little assertion, call up and create your own job interview whether they are advertising a position or not? Or do you fit in with those who feel they can only fill positions and not create them? As you say, super strategy (or lack thereof) there.

        • #3069137

          Spot the grammatical error

          by tony hopkinson ·

          In reply to Attention to detail

          For I := 0 To 9 Do
          MyList[I] := Pointer(Integer(MyList[I]) * ((I + 5) * 10))

          Which details, when and why are as important.

        • #3070736

          Point Taken

          by imageryanalyst ·

          In reply to Spot the grammatical error

          Syntax, Syntax, Syntax

        • #3068831

          here is

          by jaqui ·

          In reply to Spot the grammatical error

          the error:
          should be:


        • #3068773

          Hell I never saw that one

          by tony hopkinson ·

          In reply to here is

          Wonder if over use parentheses would be considered a style issue sort of like iambic pentameter for language statements.


        • #3068771


          by jaqui ·

          In reply to Hell I never saw that one

          it is bad style, simply because of missing closing brace errors.

          but, some expressions require really heavy brace usage, the worst I saw was 15 sets of braces to process one task.
          ( if then else nested loops )

          I rewrote it into three different functions for readability, and to make the nesting less.

        • #3069051

          So, spelling and grammar in an informal public forum prove something?

          by jmgarvin ·

          In reply to Attention to detail

          What are you talking about? I’ve worked with many VERY bright people who cannot spell or write a document to save their lives.

          Using blanket statements like this not only reflects poorly on IT, but on IT managers as well.

          Can you spot the spelling error?

          service –status-all | grep smb

          How about grammatical errors?

          ./configure && make && make install && make clean && echo DONE


        • #3069048


          by oz_media ·

          In reply to So, spelling and grammar in an informal public forum prove something?

          Shouldn’t you use a semicolon or at least a comma in there somewhere?


        • #3068924

          Do You Provide Training?

          by wayne m. ·

          In reply to Attention to detail

          It is perfectly acceptable to set standards for writing ability as well as for any other aspect of the job. Do you provide training to allow your employees to meet your expectations?

          It is quite easy to state one has high standards. It is quite another to take action to ensure that the standards are met. There is a vast pool of potential employees out there and each has his own strong points and flaws. Whoever is hired will have at least one flaw.

          It is a management decision about whether to overlook shortcomings and allow standards to decay over time or to work with individuals and bring them up to standard. Sadly, most companies take the former approach and the purported standards become a joke for the workforce. Put one money where one’s mouth is and teach and train your workforce.

        • #3059910


          by 2manycerts ·

          In reply to Attention to detail

          Why that’s INSANE, requiring an employee to be able to spell and compose a complete sentence! What’s next? The ability to count?

          You should purely hire anyone based solely on…um… eye color… no, no, no… um, a dice roll.

        • #3070637

          usefullness of proper comminication

          by jhogue1 ·

          In reply to Standards!

          I teach IT at the University level. I tell my students that they can get a job in IT with lousy spelling and communication skills. The problem is that them limit themselves to lower level jobs. To move up to the top of the ladder they need to be able to express themselves in “business speak” and not just geekology. In order to become a corporate VP, you need to look, speak and write like a corporate VP.
          I know that this has no relationship to how well you can crank out code but the higher up you move the more you write reports and less you write code.
          Since this is an informal chat area, I don’t mind any sort of spelling but on a business document I do care.

        • #3070586

          Personally I’d go for being a

          by tony hopkinson ·

          In reply to Standards!

          a relative of the CEO, probably went to a good school and even if they didn’t it’s still agood career move.

        • #3070550

          Spelling and This forum

          by masperring2003 ·

          In reply to Attention to detail

          Hi guys n gals
          The whole issue that has come out of the last few! replies is as I see it
          1. The originator of the thread does not have time to do a ‘pretty’ job of the discussion starter
          2. If he does then he is defrauding his company, who are probably paying for the ‘net time he is using to write his gripes.
          3. Leave the English / grammer too others.
          I’m a teacher in UK and find it hard to understand why somebody gripes (moans) about coloquial writting styles. We are all proffesionals?

        • #3115469

          A Ray of Hope(lessness)

          by jonathanpdx ·

          In reply to Spelling and This forum

          I certainly hope your post wasn’t an example of the level of competency you’re teaching your students, but rather a tongue-in-cheek poke at the poor quality of stuff we continually see on the boards.

      • #3070801

        You are absolutely correct!!!!!

        by imageryanalyst ·

        In reply to I’ll Tell You What I Would Fire Someone For

        I wondered the same thing myself!!!

      • #3070713

        Belt up!!

        by arm ·

        In reply to I’ll Tell You What I Would Fire Someone For

        Belt up, speed kills! (A slogan, not a sentence.)

        If you really were interesting i would wax lyrical. Instead i’ll pick the melted wax from candles, which is infinitely more engaging.


        Chin up old fellow, i’m sure someone out there likes you!!

      • #3115473

        Their Their…There Awl Owt Two Get Yew! :-)

        by jonathanpdx ·

        In reply to I’ll Tell You What I Would Fire Someone For

        You don’t sound like a schmuck. I don’t think you were the only one who had a problem with the manner in which the user posted their “story.”

        Holy Cow! You’d think that people would learn to state matters or concepts in a clear and concise manner. Anything that can be said can be said clearly. There is no excuse for poor grammar, spelling, and communication of concepts, especially in a profession that depends so much on attention to detail.

        It’s also not a matter of being an English major, it’s a matter of simply speaking (or writing) English. Sloppiness and laziness is why we ended up with the Y2K fiasco, why the company in question is in the straights they’re in, and why IT is such a costly expense for companies. Maybe some people are satisfied with shoddy quality in whatever they or anyone else does, but I don’t see why I, anybody I work for, or anyone who works for me should have to stand for it.

        Maybe this is just a simple board posting, but there’s no excuse for appearing a simpleton by looking like your post was constructed by a 5 year old.

        You’re is not Your,
        It’s is not Its,
        Their is not There,
        Prolly is not Probably,
        etc., ad nauseum.

      • #3119125

        Pot, meet kettle…

        by zeppo9191 ·

        In reply to I’ll Tell You What I Would Fire Someone For

        “I’ll Tell You What I Would Fire Someone For”?

        Try, “I’ll tell you why I would fire someone”, or “I’ll tell you for what reason I would fire someone”.

        For someone so willing to criticize other’s use of the English language, you don’t seem to have very strong skills, yourself…

        I may be proving myself a hypocrite to some, but I find far less fault in those who are being criticized (irrelevant of whether said criticism is valid) than I do in the critics – especially when the critic is guilty of the same ‘crime’.

    • #3060540

      Contractor at a small bank

      by zlitocook ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      I was a contractor to a small bank and hired after contract ran out. A office manager was the Administrator for all the servers, he used a consulting group to do all the administration of servers, security and other functions. When I got real administrator access to the servers I found and patched three back doors and access to all servers to more then five people. The consulting group complained that they needed access from remote computers. When I asked them why I never received a good answer. If you have one administrator you need to have him/her give all thier passwords. And let them let you log in as them to see what they have access to. And it is a good idea to have a contract that will say that if they leave they have to provide all access and passwords.

      • #3060406

        found out too late.

        by mjd420nova ·

        In reply to Contractor at a small bank

        that persons boss should be out the door too.
        To fire him and not get access passwords is
        inexcusable. Sorry to say buy you are going to have to rebuild, and the two new hires that control and build the new system will have to be watched over by a knowledgable third manager.
        Unless this is done , you may have an even bigger problem down the line. I hope that this
        will open the eyes of those of us out here who
        dread this type of situation and may now take
        steps to prevent it from happening to them.
        I know, I’ve seen it before, but was able to
        do a restore from before that idiot was hired.
        We lost some data but was able to replicate it from the individual machines on which it was

    • #3060376

      Too late now, but next time…

      by brotherj ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      I work for an organization that is just completing going through a similar agony. The only saving grace is that prior to firing the individual I made it policy that all admins, network engineers, etc. had to register their passwords in an encrypted database that I, the CTO and the Network Security analyst had access to. The individual terminated still had numerous private passwords on the devices he accessed regularly, but we were able to get into the devices and clean up the private passwords, backdoors, etc.

      • #3070629

        closing backdoors

        by jhogue1 ·

        In reply to Too late now, but next time…

        brotherj brought up a point that the rest of us missed. The new folks need to make sure that the person who was fired does not have backdoors into the system. If he was a real crook, he may have other things going that have not been discovered yet.

    • #3060371

      Who is A.S.A.V.M?

      by don’tquityourdayjob ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      I would question how good of an investigation they applied to the situation in the first place.

      I don’t think it would be unusual for an admin to password protect files, especially those deemed essential to network opps.

      Some admins argue that doing this makes it more difficult for “malicious” progams to change these files.

      Some companies have a policy against this but I am uncertain your’s has such a policy.

      It was not a GOOD idea to fire this person, especially if this was the only IT admin.

      • #3069660

        Foolish Company

        by jcritch ·

        In reply to Who is A.S.A.V.M?

        So let me ask the question, what would this company have done if this person was run over by a bus? Where was their D/R plan, which should have included the fact this guy could be dead?

        This truly is a case were litigation is possible, but hey the guy could come down with a case of amnesia, then what? I bet you will see some sort of judgement placed on him by the courts.

        • #3069128


          by oz_media ·

          In reply to Foolish Company

          Besides a published policy, what control does a company have over it’s staff in that it would be watching all the IT staff’s passwords?

          Yes a DRP would be a better idea, but if an employee changes passwords there’s nothing you can do at the time unless you know about it. The only way to know about it is via micromanagement, and we’ve all seen what a negative, company crushing disaster micromanagement is.

    • #3069848

      Admin 1’s responsibility

      by oz_media ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      If your company, ASAVM, has an internal investigation department (though I am thinking it’s probably just a post employment investigation and not an IT specific one), they most likely have a policy in place that all passwords are company property. Check into the policies first.

      Regardless of policy though, the admin MUST make his passwords available to the company, it is illegal not to. They own the hardware, they own the network, they MUST have access to it, the admin can face some serious theft charges if he has locked the company out of their own hardware. It’s NO different than changing the locks on the front door and leaving with the key in your pocket.

      I would suggest having someone call him, if not yourself, and ask for/demand ALL passwords, he is NOT legally able to lock your company out of their system, policy or not. If he refuses to offer the information or come and unlock all passwords, then take legal action.

      • #3070657


        by bronzemouse2003 ·

        In reply to Admin 1’s responsibility

        Losses pile up quickly – and are probably recoverable from Administrator1.

        In his best interest to give up the passwords as soon as possible.

    • #3069808

      Find a lawyer!

      by jmgarvin ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Explain that this was a malicious act and if he doesn’t cough up the passwords, you will sue him.

      Also, I doubt he will be getting a good reference from that company….so make sure he KNOWS that.

      • #3069600


        by calson ·

        In reply to Find a lawyer!

        I seem to recall a similar case years ago where a guy was charged with theft for encrypting everything. I think it might have been where he broke into someone’s computer and encrypted their files, but the premise is the same.

        • #3069546

          It IS theft

          by oz_media ·

          In reply to Theft

          You have taken company property and made it in accessible to those who own it. You have stolen access to their own products from them.

        • #3070764

          Yes, but how much time do we have…

          by just watching now ·

          In reply to It IS theft

          Yes, but how much time do we have to rebuild the system to keep the company going down the road? In most IT situations, you need the systems to do business.

          You could sue him, or file criminal charges, and in two or three years you will get your passwords or he will owe you a lot of (uncollectable) money.

          Mismanagement will out, in the end.

        • #3068703

          True…but usually the THREAT of a lawsuit helps…

          by jmgarvin ·

          In reply to Yes, but how much time do we have…

          I think this admin is an unethical slug who needs to be taught a lesson.

          While I’m sure the passwords can be broken, I’m equally sure the company could sue him into the ground, blacklist his name in IT, and make sure that his “ethics” are known.

        • #3068665

          Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          by pickleman ·

          In reply to True…but usually the THREAT of a lawsuit helps…

          > I think this admin is an unethical slug who
          > needs to be taught a lesson.

          Without knowing all the facts in the case, I find it amusing that you’re so ready to convict the guy without even hearing his side of the story.

          > While I’m sure the passwords can be broken


          > I’m equally sure the company could sue him into the ground


          > blacklist his name in IT, and make sure that his “ethics” are known.

          This is the I.T. industry, not the movie industry.
          There’s no blacklisting, and nothing will be made known. The absolute worst that they can do to him is not give him a reference. I’m sure he’s not the least bit concerned about that, all things considered.

        • #3071853


          by jmgarvin ·

          In reply to Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          Ok, why “LOL?” I think we’ve heard a good portion of the story. It sounds like he was using the business as a place to get parts and to fund himself, how is that ethical?

          Sure the IT industry is like the movie industry. If you don’t get a good reference, you are pretty well sunk. Plus, it will be a big question mark on his resume if he doesn’t allow them to contact them employer.

          So please explain why you think my comments aren’t valid. “LOL” doesn’t mean much to me other than you have little to say on the subject.

        • #3071575


          by oz_media ·

          In reply to Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          >well it seems you haven’t seen life in a reputable position. Company owners of all sizes of organization generally know each other quite well. Any city I’ve worked in, I know all of the worthwhile business owners in a short while and even pass employees off if they are looking burned out with the routine, this way you don’t have to ‘fire’ people you think are good but done in. Yes you will get blacklisted, especially within your own vertical, the most likely place for movement.

          Any industry I’ve worked in, everybody knows everybody, unless they are nobody of course.

          >jm, sorry for the title.

        • #3057903

          Oz, I have only one thing to say

          by jmgarvin ·

          In reply to Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          LOL 😉

        • #3068691

          Uh nope

          by oz_media ·

          In reply to Yes, but how much time do we have…

          As Ive said elsewhere, it would probably be as easy as a quick phone call and he will offer the passwords. If not, a friendly call from the company’s attorney would get him to provide it without need for a long drawn out court case. I haven’t met a lawyer yet that would even entertain the idea of representing someone in his position.

        • #3068663

          Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          by pickleman ·

          In reply to Uh nope

          > I haven’t met a lawyer yet that would even
          > entertain the idea of representing someone in
          > his position.

          Then I’m gonna go out on a limb here and make this crazy assumption that you haven’t met many lawyers. What a shock that would be.

          Here’s a little dose of reality for you: a lawyer will represent a rapist, a murderer, and even a child molester. What is it about a Network Administrator that you feel would be so repugnant that a lawyer wouldn’t “entertain the idea of representing” him? Is that more of the “OZ Media” wisdom we’ve come to know and love on this forum?


        • #3071644

          Wake up a bit please and try again, you’re dead wrong.

          by oz_media ·

          In reply to Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          Yup that was one weak little limb you fell from alright.

          As some know here, my brother is a very high profile corporate attorney that represents some of North America’s largest corporations.

          Have I met many lawyers? Literally HUNDREDS.

          I’m also a manager/promoter in the music industry and have represented bands in Canada, the US and Europe, have spent countless hours in courtrooms over IP, copyright and other issues.

          I have sat through more endless corporate cases than you have sat in classes in school. No, most lawyers would NOT represent someone with such a dead end and useless case. It takes time and money and even if this admin was willing to cough up a few grand to even launch a suit, no sane lawyer would tarnish a reputation with such a lose lose scenario. This isn’t criminal law, sponsored by legal aid, this isn’t an accident claim, it is a LOSING situation with no possble way that the admin would come out on top. Corporate lawyers rely heavily on a win:lose ratio, they don’t want to take on dead cases as they would never gain enough of a reputation to get a worthwhile company to use them.

          Now on top of all of this, IF…by some ridiculous stroke of luck, he were to find some tin-pot lawyer trying to make a name for himself, and IF he were able to pay the legal fees, his chances of standing up against the company’s own corporate attorney are absolute ZERO, NONE, NIL, NADA, SQUAT, SWEET F-ALL.

          I have sued more than my fair share of employers who feel they can pull one over on you as you leave, they are usually quite shocked to find out that their lawyer won’t represent them as their lawyer is often MY lawyer and I can afford to represent myself properly (not that I have mounds of money but I have my obvious connections), moreso I understand when I have a case that can be won, unlike the sad situation here.

          So it seems like the “picklman wisdom”, or lack thereof got the better of you this time as you spoke irrationally and without knowledge of which you speak. In doing so you also made rash unqualified assumptions of my character, which you don’t even have the most minimal grasp of.

      • #3059909

        An example should be made of him/her

        by gprinsloo ·

        In reply to Find a lawyer!

        I think the company should go all out to punish the individual.

        Use the law to force cooperation and liberation of the locked data.

        Ruin his/her career in the media as it will greatly benefit the honest admins who institute sound policies.

        All companies must assure that they never place all their eggs in one basket.

        A DISHONEST admin is a CRIMINAL and should be treated as such. What is the difference between destroying, stealing, hiding (encrypting, mislaying) or falsifying company property/data, all are CRIMINAL acts. which are aggrivated if commited by “responsible and trusted” persons.

      • #3070743


        by avid ·

        In reply to Find a lawyer!

        a good acceptable use policy should should be able to show, in court, that the passwords actually belong to the company. refusing to give them to the company could land him in jail if he gets a hard nosed judge.

      • #3070710

        I find your premise funny..Maybe the guy did nothing wrong

        by oldtimer1 ·

        In reply to Find a lawyer!

        IT and law have little to do with each other. It was the company`s responsibility to have policies in place. It was the companies resposibility to make sure they had the tools to run their business.
        And I`ll go one step further. It sounds to me like the reason for firing was concocted. They claim he ran it wrong on purpose. Maybe all he did was let it run as designed till it failed. (I`ve done this many times to prove a point-or to get something to actually work-not sure if this applies here because I worked for a huge company with layers of so called design engineers).
        And as far as the encryption goes, all he has to say is that it was part of security and how many years do you want to spend in court to prove him wrong?
        Just by the way this company handled the whole situation I have to give the guy fired the benifit of the doubt. I`m not going to assume him guilty of anything. And if I was the guy fired I sure as hell wouldn`t tell you what the passwords are. Hiring a lawyer would be worth it to me. I`ve delt with enough asses in management positions to know better.

        • #3070655

          Didn’t you read?

          by whiteknight_ ·

          In reply to I find your premise funny..Maybe the guy did nothing wrong

          the original post stated:
          “They found in there investigation, that this IT Admin, deliberately mismanaged the net work to obtain software and hardware for both personal use and for personal private transactions.”

          Why would you give this person “the benefit of the doubt”?

        • #3070559

          Yes I would

          by oldtimer1 ·

          In reply to Didn’t you read?

          For one thing as worded it`s not telling all so we are walking a fine line. Second the handling by the company tells more about how poorly the company is run than the guy they fired. Third I have a hard time believing if they had such a crack group that could decide that he was Deliberately faking problems on their net but didn`t have the common sense to secure their own network?
          Something is missing in this story, so until I know all the facts, yes I will give the guy the benifit of the doubt. And no after they fired him he doesn`t have to give them anything, including the passwords. That is their mistake.
          I`ll give you an example. A co-worker was fired at his house while on company duty. But they did it before they got his truck back to the garage. So when asked where was it he said I`m fired go find it yourself. They did 3 weeks later-stripped.

        • #3068702

          Is that ethical to you?

          by jmgarvin ·

          In reply to Yes I would


        • #3068560

          Burning bridges, Karma et al.

          by jamesrl ·

          In reply to Is that ethical to you?

          While I understand the temptation, the person who stripped the company truck after being fired not only lacks ethics and personal integrity, but also doesn’t understand the potential impact of these kinds of actions.

          Its a small world out there. People talk. Even in big cities stories go around about these kinds of incidents. You never know how something you do at one job will affect your ability to land the next one.

          I was at a job at a massive organization and felt like I wasn’t progressing, so I took a job as a Y2K project manager at another company. While I enjoyed the challenge, I did discover the grass wasn’t always greener. So I looked up my old boss, who had moved on after I left to another company. Good thing I didnt bad mouth the company, and stayed friendly and open.

          The reverse has also happened. When I got a new job, I ended up discovering that a manager was not performing well. That information became clear to his boss, and although I had no role in the actual decision, I think I did have something to do with his firing, though with no malice on my part.

          Cut to a few years later, I’ve been laid off, and am interviewing for a great job at a place very close to my house – what a fit. But the interviewer asks about how I know the manager whose faults I had uncovered at that previous position. Needless to say, despite the excellence of the fit, I didn’t get the job, nor even the courtesy of a phone call or letter.

          The guy who strips the truck or encrypts the passwords and screws his former employer creates the kind of image that can haunt someone the rest of their career, and since people have long memories of those kinds of things, they are doing themselves a great deal of potential harm.

          Even when I’ve quit in disgust at a job, I’ve tried to keep it professional, friendly and open – you never know when you will encounter those people again.


        • #3068662

          Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          by pickleman ·

          In reply to I find your premise funny..Maybe the guy did nothing wrong

          Amen to that.

    • #3069654

      Bad decision

      by jwschull9 ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      This happens all the time. I know of one specific case where the result was a lost contract, the company closed it’s doors and everyone lost their jobs. Shame on the company management for not handling the employee with a bit more common sense and respect. Forget the backup. Those files are probably encrypted also.

      You assume that the person who started the employee’s termination had the common sense to insure that this could not happen. Bad assumption == Bad management.

      • #3069116

        So it’s the company’s fault

        by oz_media ·

        In reply to Bad decision

        THat an employee stole access to their network?

        If you leave your front door unlocked i am welcome to come in and help myself?

        No, it may be your negligence that allowed me to enter but I’m still a theif, as is the employee who has broken the law in this case.

        • #3070776

          Whose fault?

          by jwschull9 ·

          In reply to So it’s the company’s fault

          I’m not trying to justify this particular employees deeds. The statement was that he mismanaged … in order to acquire. In other words he got the company to buy stuff they really didn’t need. They didn’t say he stole anything. If he stole something … shouldn’t they have arrested him? Charged him with theft?

          The company overreacted. They should have talked to him first. And they should have recommended a second admin, a backup, LONG before any termination took place. Upper managements knee-jerk reaction may cause the whole company to suffer.

        • #3070623

          denial of responsibility

          by jhogue1 ·

          In reply to So it’s the company’s fault

          What is to keep me from saying that “I told the person who terminated me that the passwords were in the red folder in my upper right desk drawer. Since I was terminated, I purposely forgot them to protect the company’s security. It is not my fault if you can’t find the folder. It was there when you marched me out of my office.” Unless you video taped the termination, you can’t prove that I did not tell you where to find the passwords.

    • #3069108

      They deserved it

      by freemarkets ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      That was poor management, period. It had nothing to do with the employee. They should call the employee back, beg forgiveness and offer money to makes things right again. Maybe next time they will learn how to manage people.

      The new admin should leave unless mgmt. is willing to admit it was 100% in the wrong and is willing to right its actions.

      • #3068937

        So if I break into your house, steal your stuff

        by jamesrl ·

        In reply to They deserved it

        and trash the place, you should forgive me and hire me to do the cleanup?

        Yes management made mistakes in not ensuring through a proper disaster recovery plan and testing of the plan that they could not survive without the admin without a negative impact. A good analysis would show that there was a significant risk. What ifs abound in this case – what if the admin was incapacitated, on disability, snowed in etc.

        But in no way does that let the bad admin off the hook. If, as the OP suggests, the admin was guilty of misusing corporate network for personal gain including illegal software, then they deserve to be fired. A smart exec might not execute that right away before thinking about the impact, and taking some steps to lower it if possible.


        • #3070531

          Not a good analogy

          by freemarkets ·

          In reply to So if I break into your house, steal your stuff

          A better one would be: You invited someone into your house, didn’t check them out, left the house unsupervised and then came back some time later and found it was trashed and that your property, which was out in the open and not locked up, was gone. You deserve the blame there–all of it.

        • #3068811

          You assume

          by jamesrl ·

          In reply to Not a good analogy

          And I don’t see in the Original Post, that there was no due diligence done in the hiring process. I have fired employees for similar offenses who passed a criminal record check and had good references. They weren’t encrypting data, but they were using the email and telephone system of that company to do business on the side, clearly in violation of policy (signed off on by the culprit).

          I do agree that you need to make the rules clear unambiguous and get signatures. Management needs to do due diligence in hiring/background checks for trusted individuals, and have controls in place to ensure that they are not reliant on one individual. I’m not letting management off the hook. But this management bashing seems a little too much like blaming the victim while at the same time ignoring the fact that the admin was involved in what sounds like theft.


        • #3068722

          Just changes what part of the criminal code

          by markfroe ·

          In reply to Not a good analogy

          In your analogy all you have done is to change the offense from Breaking and Entering to petty/grand theft depending on the value. While the management may have been negligent the admins actions are still worth a procecutors attention.

      • #3059906

        It had nothing to do with the employee?

        by 2manycerts ·

        In reply to They deserved it

        He use company resources to acquire hardware and software for PERSONAL use? That has nothing to do with the employee?

        The devil made me do it.

        It amazes me how many people are defending the actions of a THIEF

        • #3070527

          Please see my reply to James

          by freemarkets ·

          In reply to It had nothing to do with the employee?

          That kind of stupidity is your own fault. You need to take ownership of your mismanagement. And then to fire the person without knowing what he has done? Clearly they found out about the encrytion problem AFTER they fired him. Quite incompentent management.

    • #3068945

      Sounds Like Jurasic Park

      by wayne m. ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      This may be somewhat off-topic, but the scenario described above reminds me of the basic subplot in Jurasic Park!

    • #3068893

      Fraud, Theft, Ethics, and the bus

      by marc h. ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Hell yes, he should be fired! Firing is almost to good for him.

      I have a sealed envelope that sits in the CFO’s office. That envelope has a list of the passwords for the network. Every month, we check the seal on the envelope. Should the entire team be hit by a bus, the corporation will be fine. The information is secure, there’s a backup plan, and its ethical.

      As for this admin, the simple threat of litigation and criminal proscution should be sufficeint to secure the needed passwords. In most states, I believe it would qualify as felony theft in most states here in the US.

      Just my $.02.

    • #3068885

      Just ask…

      by hectorjleslie ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Why don’t they just give him a call and ask for the passwords. If He refuses then they can proceed with any legal alternative they may have.

      • #3059903

        Short sightd

        by db8abl ·

        In reply to Just ask…

        If the company walked him out the door without simply asking for his passwords they were very myopic. If they did ask and he didn’t tell then they can take legal recourse. It is normal for very few (usually less then an handfull) admins to have the all the keys. If you take the high road and assume that he was not asked, just walked out, then bring him in as a contractor (1099) for a few days, pay him a decent hourly wage, get your information, and call it a day. Everyone wins.

    • #3059900

      Give Johnnie Cochran or Mark Geragos a call?

      by lsmith1989 ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      I think it has already been mentioned,

      Find a lawyer and pursue all legal avenues and prosecute him to the fullest extent of the law and make him pay for the company’s legal bill. Software piracy is illegal and he can get heavily fined for each instance or even face jailtime if there is enough proof.

      If this guy is a professional, then this corporate sabotage bit was just a cover up to another real heist (Jewels, Artifacts, Company’s Ultra Secret recipe?) and the thief is already out of the country. Anyone seen the Italian Job?

      Unless this company is the Mickey Mouse club,
      it should be able to afford a somewhat decent lawyer and it should have been normal hiring procedure/practice to have this person sign a note about policies on company property, software property, and consequenses of stealing from the company and bieng prosecuted to the fullest extent of the law, etc. Most places I’ve worked at have something like this in place so that they can pursue legal action easier.

      Just my opinion.

      • #3070830

        Johnnie Cochran

        by jlspencer ·

        In reply to Give Johnnie Cochran or Mark Geragos a call?

        Get with the times …he passed on …not receiving phone calls… I agree on the documentation aspect. More often then not when the IT admin is let go certain steps should be followed to protect the company.
        1. Admin passwords held by two or company execs.
        2. Make sure you have full access prior to escorting IT Admin to the door
        3. While he is in the exit interview CHANGE ALL ACCESS passwords.
        4. Disable all unknown accounts.
        5. any others ?

      • #3070617

        trade for passwords

        by jhogue1 ·

        In reply to Give Johnnie Cochran or Mark Geragos a call?

        Our ex employee might be willing to trade passwords for an agreement not to file charges or a law suit.

        This gets him off the hook but puts the company back in business. Questionable ethics but possibly a good business decision.

        I want to thank everyone who has participated in this discussion. It will make an worderful discussion for a digital ethics course.

    • #3070837

      Was there a CIO?

      by vijayaraghavan_g ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Businesses using computers extensively are very vulnerable to both equipment and human failures. In a company where I was working as the equivalent of a CIO, I used two administrators each with their specific roles but with the knowledge of the other’s area of work. I used to switch their roles now and then. (After all they can and do go on leave or vacation occassionally, isn’t it?) In addition, I had all important administrator passwords with me also and used to try them at random to be sure that they work correctly.

      Administrators do have access to a lot of business critical information and their selection and periodic evaluation to ensure that they stay on the straight and narrow path is also a must.

    • #3070832


      by jabamonte ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      First off I would pay for password decryption. There are companies that specialize in this area.
      As for my company, all that I do has been written down in detail (read click by click). I am the sole IT person. I don’t believe the company fears losing me, I just want to make sure that if I fall off the face of the planet, that whomever follows me does not have to start with a blank slate.

    • #3070822

      What gives?

      by meauxmoney ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      “A.S.A.V.M operates an internal investigation department… one which no employee had been aware of.”
      “They found in there investigation?”

      If they are smart enough to hire an investigative team that can login and find all of this out (without anyone knowing mind you), they should have been smart enough to prevent this.

    • #3070821

      what if…

      by theohkm ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      What if no one can know who (the geniue) have accessed the system with supervisor privilege when something goes wrong ? The question is who takes the responsibility.

      It is completely reasonable to have keep new admin unknown of critical password, esp. before probation period.

      While the company already has more than one people who know the password, and changes to part of the system has been found to be modified by more than one person. It is important for admin to *protect* himself rather than anything.

      If the files cannot be decrypted by any second person, it is a seriuos problem that must be solved.

      Not to let in password and access to sensitive resources are natural to experienced admins, especially when the environment is complex.

    • #3070818

      I question the investigation

      by adminofone ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Ok, so we have a company that doesn’t understand the basics that it’s bad for a single person to have the keys to the kingdom, much less some basic disaster recovery planning, but they have some ultra-elite internal investigative group that has the capability to determine what is and isn’t the appropriate way to manage the network.

      Now, if I was the new IT Admin I’d start working up a plan to rebuild the lost infrastructure from scratch. Sure you could try and take the guy out for a beer and get the passwords, but you plan for the worst, not the best.

      If you can’t get the passwords, proceed with the rebuild. It will cost the company some money, but as far as I’m concerned they deserve it for their negligence, and hopefully this time the lessen will be learned.

      And yes, my company has backup plans for the unexpected.

      • #3070753

        I second that!

        by b.swank ·

        In reply to I question the investigation

        I agree with AdminOfOne, the lesson has been tought, the first thing would be to get an Admin with some experience one who takes their Job and the responsibility of being an Admin seriously.
        get an understanding of the network and its function and infrastructor layout and rebuild resetting the switches, routers, etc… is time consuming but well worth it in this case, why? you ask. if this admin was doing these things and encrypted, and locked everything down so bad what else is out there? how many back doors were built-in? I believe as an admin we should be held to the same standards as Doctors and Lawers! documentation!!!!!!! and review boards for cases like this.

    • #3070804

      Passwords are property of the company

      by g_tilghman ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Those passwords, whomever created them, was part of the corporate intellectual property. I would have warrants served on the guy and tell him we will prosecute to the fullest extent of the law, including fines and jailtime if he didn’t produce those encryption keys and passwords IMMEDIATELY WITHOUT FAILURE.

      It would not be an empty threat….

      • #3070791

        Legal remedies?

        by justlj ·

        In reply to Passwords are property of the company

        Would that be a violation of any of the Federal statues regarding electronic commerce, or even under one of the SOX provisions? Maybe an FBI office can be of assistance.
        If the business has a Federal contract, then most definitively call FBI.

        I believe some states have specific laws regarding that occurrence, so maybe a simple call to the sheriff would get the ball rolling.

        And yes, the business was silly for not being sure they could get into things – maybe making a severance contingent on verifying ample access to systems; however, they didn’t “deserve it” because the admin was fired.

        • #3072519


          by venator ·

          In reply to Legal remedies?

          Maybe I’m wrong here, but…if the fired admin hasn’t refused to give the passwords, prosecution may be difficult due to a lack of evidence of intent to damage or deprive the company of it’s resources. Once the fired admin refuses to give the passwords, I think you have a case.

      • #3070789

        Old story, similar situation

        by john.bruette ·

        In reply to Passwords are property of the company

        The original post reminded me immediately of a story I heard about thirty years ago.

        A tape librarian had been belittled for incompetence for quit some time. The librarian?s responsibilities included sending mainframe database backup tapes off site for storage. Management finally issued the pink slip. Instead of escorting the librarian to the door, a two week notice was given.

        A month after the librarians last day, the company found itself in need of database backup tapes from the off site storage facility. The tapes were retrieved and a restore was attempted. But? the backup tapes were blank.

        The company sued the librarian. The librarian?s defense ? you told me I was incompetent, I guess you were right. The company lost.

        Moral of both stories, get your ducks in a row before canning someone who holds the keys to the kingdom.

      • #3070685

        Good story John!

        by oldtimer1 ·

        In reply to Passwords are property of the company

        Other than when you do drag him in front of a judge 6 months down the road…”Encryption was part of my job and…mmmm..I forgot what the passwords were judge. They fired me and i just forgot when I stopped using them”…duh
        I`d love to attend that court case.

        • #3071699

          Nights in the Pokie as Bubba’s girlfriend might help….

          by g_tilghman ·

          In reply to Good story John!

          You think Bubba playing big daddy could “JAR” his memory?

    • #3070800

      Foolish me!

      by reinhardt ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Somehow I got the obviously erroneous idea that IT was about working – not spending time in chat rooms debating the pros and cons of good grammar. Silly, silly me.

      Since I’m here though, tell me – just why is the IT field so loaded with individuals who have all the answers, are never wrong and more frequently than not are completely unwilling to come to grips with the idea that all people deserve respect and consideration? I’m guessing that in this crowd there are a lot of future consultants.

      • #3070730

        Future Consultants? lol

        by larry ·

        In reply to Foolish me!

        I can promise you that the number one attribute of a successful consultant is the ability to communicate in away that non-technical users can understand becuase being a consultant is first about being a good saleperson.

        I work with extremely non-technical people all of the time and have a tremendous relationship with my clients simply because I take the attitude that my primary job is to help them run their business. I.T. resources are just tools.

        I find it amusing that I.T. people think they are somehow more “special” than the marketing guy who has no computer skills outside of the application he uses to sell products for he company.

        Or I.T. people who have contempt for company management that is computer illiterate becuase they are in the concrete business but need systems to manage their multi-million dollar enterprise.

        To these people that bunch of equipment in the server room is no different than the concrete trucks in the parking lot: Just part of the infrastructure to run a business. I doubt these management people are any more savvy about diesel truck engines than they are about network servers.

        If you are an I.T. person who is not smart enough to figure that the food chain in any company is always like this:

        Revenue Generators (Sales, Marketing, Operations)
        Infratructure Maintainers (I.T., Facility Maintenance, Training Staff)

        Then you will not be a successful consultant.

        It is critical to understand that your technical skills are assumed if you have the job. Your people skills and communication skills will be the deciding factor in your overall success in any oganization.

        So here’s some free advice from a successful consultant: Integrating yourself into your client’s business is the key sucess factor. Your technical skills, which most clients cannot measure or understand, are a far second.

        • #3070614

          No offense intended..

          by reinhardt ·

          In reply to Future Consultants? lol

          I apologize if I offended you (or anyone else).

          I can assure you I understand fully that, if done correctly and with the customers best interests being served, I have no problem with consultants in any field. Perhaps to be more accurate I should have used the term Engineer. My sole point was that after many years in this business, listening to the so called experts has led me to the conclusion that the only difference between them and me is a piece of paper that says they passed a test and the amount of money they are being paid to do what I end up doing myself anyway. (This may be hard to believe but self satisfaction in a job well done, satisifaction and pride in knowing I can handle it are more important than the money.)

          I cannot tell you the number of times our company has paid big bucks to have “the professionals who know what they are doing” tackle operational glitches only to end up finding the answer and fixing it myself.

          Take system software installation and setup (such as Exchange) for instance. My experience with this has been that these “experts”, having done this at least several times, can run the installation program and apply the standard, as learned in class and via hotfix info, tweaks and setup. But come up with a question and they can not answer as to the “why’s” for it. Develop a problem and they have to do the same things I do – search out the answer. In some cases I have had to tell THEM that “No, that’s not the way it works or was designed to work..”. It’s almost as if they know just enough to pass the test to get the cert.

          Major difference – working for a company as one of these “experts” gives them direct access to the manufacturers engineers who have the answers.

          Most of the 50 or so I’ve worked with are merely paper dragons.

        • #3068697

          I was agreeing with you :)

          by larry ·

          In reply to No offense intended..

          You are dead on with your comments. I was agreeing with you. I am one of those IT pros that actually has to fix things since I do not have any pieces of paper. I had a guy that worked for me for a short time that had his MCSE and his A+ certifications, yet he could not even install a modem in a computer.

          I have friends who have little bags with a dozen certification badges and patches stuck on them that call me when they can’t figure out how to get OWA working on their server or open the ports on their routers and firewalls.

          My point was not so much about the technical side, although the term IT professional is a loose one indeed, but about how important relationships are in business.

          Having excelent technical skills should be the minimal expectation for anyone who calls themselves an IT professional, but having excellent people skills is just as important since laymen cannot tell if your skills are good or not.

          Getting the job and doing the job go hand in hand when you work off of referrals and references.

          Clients will always recommend someone they trust and someone they like. Even if someone is the ultimate guru, if they are unlikable or contemptuous when dealing with clients, referrals will be few and far between.

          So, we are in agreement. Just looking at the issue from a couple of different angles is all.

    • #3070765

      Where is his anger aimed?

      by kenneth.cottrell ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      If I were the new network admin, I’d call the guy and ask him – just one tech slave to another – for the passwords and tell him 1.) if encoding files made him feel like he was securing his job, that obviously didn’t work, 2.) if he has a beef, it’s with the company, not me (just let me get in here and do the job that you threw away), and 3.) the potential reprocussions of his actions (legal and with regards to himself in the job market).

      If that doesn’t produce results, I’d go after him with a focus like a laser beam. He’s messing with the company’s assets (even though the company took no measures to protect them – what fools!). I would even look into the possibility of nailing him for lost time and revenue.

      • #3070660

        Almost on Target to the Real Problem

        by jay51 ·

        In reply to Where is his anger aimed?

        Where was his anger aimed? It appears to me that management wasn’t doing their job at all here. First thing’s first some companies can’t afford to have more than one IT admin, but most just don’t understand how important IT is and there for don’t invest into that department or the IT staff. This guy was obviously unhappy and bored with his job and a good management staff would have known this and solve the problem before there were harmful actions taken by this IT Admin and prevented this entire thing. I agree that IT to IT talk would probably get the new guy what he needs but I warn the new guy will probably get enough information that he will quit. Sounds like a lack of good management and lack of knowing how important your IT department is. Now what I can’t figure out his how they could afford to hire the investigators but were unable to afford a larger IT Staff. Which would have been more effective here?


        • #3070567

          re: Almost on Target

          by rush2112 ·

          In reply to Almost on Target to the Real Problem

          I agree, there was no prelude discussed, just “your fired” bye!

          WHOOPS…we let him go now we not have any keys master, how will we operate?

          …once upon a time….
          Fear not Goblin clerk, we shall hire a rogue RANGER who knows the ways of the wild and he will come in with his trusty band of fighters who will restore our business network and the Hobbits once again shall have their gardening supplies.

          Then the quest for the Dragon-Admin shall begin once we have the funds to hire more Urukai to (ahem) “HANDLE” the situation within the confines of the law.

    • #3070751

      take him to court

      by avid ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      and pray that they cover all their bases when they hired him. admin passwords should be covered as intellectual property, and therefore they belong to the company.

      • #3070745

        A Thief is a thief

        by fdinel ·

        In reply to take him to court

        Yes take him to court but first

        Play it dumb call the guy offer some money… remember your dealing with a thief…
        Small offer i.e. let say 2k.

        Record all phone calls pay whatever you can…
        Sign whatever he asks…

        Get your systems working again.

        Then prosecute the guy to it’s full extent make sure he remembers this to his grave.

    • #3070750

      Hire a professional to recover your passwords.

      by larry ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      There are many companies that do what I do for a living: Computer Forensics, incident response and password recovery. Not sure where you are located, but there should be one nearby. Hiring someone who is not in the business of password recovery opens up a whole new can of security worms. You would basically be handing over your network to someone you have no idea about unless you use a company with a good reputation to do that kind of work.

      For instance I can reset your server passwords, crack your cisco router passwords, and almost any kind of document password. If the files are password protected at the file encryption level, I have software that will extract the files bypassing the encryption. That is a prime issue in computer forensics work. Getting to files people don’t want you to get into.

      So, my recommendation if you cannot access systems or files that are critical, i.e. worth the expense to recover, then you should hire a pro who does that kind of work.

      • #3070658

        yes… crack any PW

        by tonybaggadonuts ·

        In reply to Hire a professional to recover your passwords.

        With a little scripting know-how, a true IT pro can change any PW w/o knowing the original PW.

        This would be simpler and way less confrontational than contacting the firee (is that a word?).

        I also think IT ignorance is out of control. Luckily my CFO is tech savvy and aware of most issues, but whatever company one works for… those in non-IT positions have no clue what is possible from the help desk, though IT peeps know everything about what goes on at their desks. In today’s world, knowing only how to do YOUR job isn’t enough anymore. The synergy must be there.

      • #3068656

        Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

        by pickleman ·

        In reply to Hire a professional to recover your passwords.

        > For instance I can reset your server passwords,
        > crack your cisco router passwords, and almost
        > any kind of document password.

        Wow…you’re special.
        You have the ability to download freeware programs that crack passwords, and you take the credit as though you were some El33t CraCkEr D00d.
        Please, give me a break.

        > If the files are password protected at the file
        > encryption level, I have software that will
        > extract the files bypassing the encryption.

        This last statement was the sole reason why I decided to reply to your post. I was originally going to ignore it and chalk you up to another know-it-all, but this kind of ignorance is not something I can just overlook.

        Okay, let’s start with the basics. You can’t “bypass” encryption. If a file is encrypted, it means its contents have been mathematically scrambled so that every single byte from the first to the last is now different than what it used to be. In order to access the file, you have to decrypt it. There’s no “bypass” involved. And there isn’t anything that you or anyone else can do to “extract” the file without decrypting it.

        The fact that guys like you are running around in the I.T. field just makes me smile, because everytime I come across one of you, I know that I have job security for the next 375 years.

        • #3068551

          You make interesting assumptions.

          by larry ·

          In reply to Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          Actually, I don’t use freeware for my password recovery work. Although freeware is available, I choose to use commercial password recovery tools.

          And yes, I can get past EFS using forensic software tools. I use the same software as most law enforcement agencies world wide. And, not it is not sleuthkit or other freeware stuff.

          EnCase Decryption Suite (EDS)
          Support for Microsoft Encrypting File System (EFS) encrypted files and folders, including domain authenticated accounts.
          Support for Outlook PST passwords (except Outlook 2003).
          Enables the automatic decryption and analysis of Windows registry protected storage area for Internet Explorer.

          You assume that I don’t know what I am talking about, when you know nothing about what I do.

        • #3071642

          Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          by pickleman ·

          In reply to You make interesting assumptions.

          > Actually, I don’t use freeware for my password
          > recovery work. Although freeware is available,
          > I choose to use commercial password recovery tools.

          So even though there are plenty of freeware products that work fine, you choose to pay for something even though you don’t have to. Wow, that’s just brilliant.

          > And yes, I can get past EFS using forensic
          > software tools

          Yeah, well, guess what. At no time was in mentioned that this particular administrator limited himself to EFS. I think it’s safe to assume that if the guy was pissed off enough to go to these lengths to screw his previous employer, then he would no doubt use real encryption, and not the joke that EFS happens to be. If he had in fact relied just on EFS, you can rest assured that we wouldn’t be here discussing it because the problem would’ve been solved long before it became an issue.

          > You assume that I don’t know what I am talking
          > about, when you know nothing about what I do.

          Sure I do. I could tell everything I needed to know based on your wording alone. You’re one of those guys that gets through his days by “winging it”. But once you empty out your bag of freeware tricks and still have no solution to a particular problem, you’re left scratching your head with no clue as to what to do next. I see it all the time..

        • #3071598

          OK Pickleman

          by robertmi ·

          In reply to Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

          Instead of bagging a professional Forensic Analyst, why don’t you put forward your solution to the problem raised in the original post? Password cracking is not an exact science because new and more sophisticated methodologies are developing all the time. Nevertheless existing commercial software available to trained forensic people can be used to recover passwords very quickly from virtually any system. Encase and FTK are reliable and well established examples of forensic software. What is your experience in computer forensics?

        • #3071574


          by oz_media ·

          In reply to OK Pickleman

          >This guy’s’s Nuckin Futs!! 😀

          Just read all the other posts from him/her, perhaps a little attention grabbing? Nobody’s that dim, nobody old enough to go potty by themselves anyway.

          Kiddie in mom’s basement syndrome.

      • #3071601

        Hire a Professional

        by robertmi ·

        In reply to Hire a professional to recover your passwords.

        Way to go Larry! Have none of these people heard of Forensic Tool Kit and in particular Password Recovery Toolkit? A Forensic Analyst is the quickest way out of the mess this firm has gotten itself into. I note that most posts are about what to do with/to the perp. The original question was how to get back up and running. The new IT admin person is guiltless in this scenario and should be entitled to expect sound and sane advice from this forum on the most effective way to get the show back on the road. It is easy to badmouth firms for their lack of understanding of IT matters including security, but hey, that’s why IT staff have jobs.

    • #3070748

      Software Co. Staff patch passwords

      by lee.p.scott ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Contact each software corporation and request a patch that will return the password to the software install password. An alternate is requesting on-site help from each software company.

      The best plan to cover for the unexpected is only as good as out of the box planning.

    • #3070740

      Have him arrested and put new procedures in place

      by mhasf ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      My subject says it all!

      • #3070679

        Arrested for what?

        by oldtimer1 ·

        In reply to Have him arrested and put new procedures in place

        From what little details that were given in the original story I don`t see a case, especially a criminal one.
        Maybe a civil one, but I doubt it. And this company doesn`t have the time.
        This company had a special secret group that found all this wrong doing?..but didn`t have the common sense to know hoe to run a network? Explain that one in court.
        Sorry but the mangement that put this company in this position should be fired. total incompetence.
        I worked for a large telco that did this all the time.Blamed the little guy for management design that didn`t work. And the ass that designed it? Promoted and long gone.

      • #3068764

        Well you would assume

        by tony hopkinson ·

        In reply to Have him arrested and put new procedures in place

        that given they had enough evidence to sack him for fraud, they would have enough evidence to bring charges. As for the passwords issue until he refuses to hand them over, he hasn’t done anything wrong!
        To be quite honest I can’t imagine anyone intelligent enough to royally screw his employers like this being unintelligent enough not to realise he’d be spending a fair bit of time in cell 3 with Bubba if it got near a judge.

        New procedures definitely as soon as they get enough system to have procedures for of course.

      • #3057940


        by jeffersnet ·

        In reply to Have him arrested and put new procedures in place

        Ok, read the post way at the top!

        It does not say that he broke any law of any kind. What if he downloaded software he paid for but on company time using the company network and the software was only so that he could learn it on his own time so that he could work on it? I buy books all the time to assist me in my job and I will go to Barnes and Noble using the company network on company time to learn more about my job. Would you arrest me because I spend my own money to order things for myself when my employer should really buy it for me?

        There are way too many people out there who act before thinking. Maybe this old IT manager wasn’t fired for a good reason and will end up getting a bunch of money from this company, that would be good. There are a lot of companies who have internal investigators who know nothing about computers and don’t know who to ask about computers and then end up acting on bad information. I once worked for such a company in Nebraska and LB 757 was introduced to get rid of the investigators. This legislative bill will be voted on in 2006 and I’m sure it will pass. The bill and testomony makes interesting reading, it is on the Internet if anyone is interested. Anyway, the bill was written after the investigators went after someone who they thought used a server disruption to make it harder for the investigators to find a picture of a monkey with an administrator’s face. The person was arrested for attempting to hide this monkey picture that he did not create using a system he was in charge of and was never told to stay off when he was not informed of the search details.

        Don’t assume you know things you don’t and try not to be such a jerk.

    • #3070681

      Learning curve for CEO’s

      by fooser dan the network man ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      To answer your questions:

      1 – Try to contact the previous admin and get the passwords.

      2 – Some smaller/growing companies may have never had to deal with “Real” IT issues in the past, and ignorance of IT is their main problem. I have an uncle with a small company who is sort of in the same boat (I have helped him out a little along the way, but I try to keep my distance for various reasons). This type of situation provides a very steep, yet valuable, Learning Curve for people like this.

    • #3070661

      Small company – IT prograstinates on documentation

      by cmc ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      We are a small healthcare company and I am the Operations Manager. We have an IT person that managers our server, software, network etc and continually puts off my request for documentation for our company. He says that we have a Disaster Recovery Program and Ghost images and that is enough.

      Can you tell me what specifically I need documented and how to encourage this fella to do this for me?


      • #3068822

        a bare minimum..

        by jaqui ·

        In reply to Small company – IT prograstinates on documentation

        you need a list of all software installed.
        a detail list of what hardware there is
        a detailed diagram of the network topology
        a complete listing of all admin passwords in use.
        cd keys / software serials
        hardware serial numbers

        in writing to the it guy:
        this data is required for company records, we need it fully documented by $DATE
        ( give reasonable amount of time for the deadline, the more detailed data you want, the longer the time required )

        if he doesn’t have it for you by then, you are looking at someone who is trying to maintain job security through illegal means.

    • #3070654

      3 bad ideas on the part of company

      by beoweolf ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      first bad Idea. In the effort to keep IT dept. “lean”, too many companies have too few employees, pay to little and expect too much. They got into this situation because of mismanagment…not having sufficent staff, an equally talented assistant, would have required equal access to the system.

      Second bad Idea. Annual or more frequent security reviews or audits, are set up to reveal and document just this sort of potential problem. Passwords to all signigant systems, applications should be stored in multiple locations. One should be a written list, sealed in an envelope and kept available, on site, in a secure safe(?) in an area distant rom the servers.

      If they knew they were going to fire him, they should have taken precautions to secure the password before discharging him…at the very least, during the exit process, they should have had him remain and provide the passwords to the new administrator who would then logon to each server, service or application to verify the legitimacy of each before escourting him off the property. As it is, final settlement of his related company affairs (should be leagally seized, held in escrow until he is forthcoming). Have a formular developed to propose a daily charge aginst his settlement, that accesses a charge for each day he does not comply.

      Third, seems they could have handle the discharge better. Summary dismissle seems a bit harsh (as well as imprudent) for assumed software theft. On occasion we have all purchased software or taken “evaluation” software that could be used in support of the company…home to spend our own time learning the ins and outs, in a less visible arena. Then installed it on the company servers. Was this the case, I don’t know, there aren’t enough facts to determine, but if the guy is as good s they thought he was, seems he was owed a fair hearing and possibly a probation instead of summary discharge. One of the conditions for probation could reasonably be made to require he place redundency for his position as a priority.

      Final: this is not as much of a tresspass as it might seem. Give the history of “time bomb” packages being left in systems by disgruntled IT workers, those with a tenuous grasp on their position or those who have some form of precognition. Just getting the passwords is no guarantee of security. If the guy has any abilities with assembly language, they could be in hot water for a long, long time.

      Moral: treat your IT people with some respect, manage, review, require justification for purchses and regulary audit system procedures…and watch them like a Hawk.

      PS. most Certificat base encryption systems have an account that can reset or remove lost encryption. Get a pro if you don’t have inhouse staff that can perform the service.

    • #3070648

      Hey Moose, Rocco, help the Admin remember those passwords

      by gnx ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      You could have some people assist him in remembering what the passwords are. Or I would just take him to court and sue him.

      • #3070595

        is it possible?

        by it-latino ·

        In reply to Hey Moose, Rocco, help the Admin remember those passwords

        Is it possible to sue this guy? I mean, has he legal responsibility for encrypting critical files and walking away?

        • #3070571

          He should have all this stuff written down

          by gnx ·

          In reply to is it possible?

          I have all my passwords etc. written down and placed in a safe that I and two others have access to. This is because of SOX. If the guy blatantly passworded everything you may have a case to sue him for the cost of getting them or you could do like they did when I was a kid. A drug dealer was in the nieghborhood and wouldn’t move because he was getting free rent (not paying) and new the renter’s rights. One night around 2:30 in August there was screaming coming from his house. Two guys were holding him from the third floor by his legs making him an offer he couldn’t refuse. He moved 3 days later. I don’t recommend this option but it works.

        • #3068819

          Waste Management Business

          by too old for it ·

          In reply to He should have all this stuff written down

          You know, a sap upside the head and waking up with cement overshoes has a way of sharpening the memory too.

          (Of course, that’s my answer to virus, spyware and port scanner writers, so maybe I’m just a little un-original in my thinking.)

        • #3068823

          Possible, but …

          by too old for it ·

          In reply to is it possible?

          … you would have for fairly complex and arcane technical, moral and technology questions being decided by 3 housewives, 2 retirees, a truckdriver, four plant workers ….

    • #3070632

      Start over!

      by mgordon ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      I am experiencing a similar problem; not that the critical files were encrypted — they don’t exist! A whole network was built in a 24 story building, zippo nada documentation.

      Now you might think that once bitten, management would become smart, but this seems not to be the case. What is very likely to happen is that the NEW administrator will be perceived as “inept.” Computer networks are all FM anyway; it is his _job_ to make it work so if the new admin doesn’t make it work, he or she _will_ be blamed by at least some of the staff.

      People who keep meticulous documentation (as I do) are sometimes considered challenged or old fogeys: “the OTHER guy could do all this in his HEAD! Why do you need all this documentation?”

      Old school, I suppose. I grew up in an era when documentation was MORE important than the computer code itself. “Empire builders” were despicable; showing very poor character as they tried to make themselves indispensable.

      So what does the new admin do? Insufficient information exists. If the critical documents were encrypted with some sort of Public Key encryption, such as PGP, basically you can forget decoding them. You might attack the passphrase on the private key if you can find the private key; you can use a Scanning Tunneling Microscope to try to recover uncoded fragments along the edges of the disk tracks. Got a million dollars? Probably not.

      So you start over but mind the politics!

      I was labeled inept a few years ago because I could not break the WEP key of a tenant’s access point. The problem lay in that the manager did not believe it was a tenant’s access point, but the corporate access point. So, what “matters” for your continued employment is what management “believes”.

      That can be helped with meticulous documentation; and we come full circle. Management needs documentation to believe that you know what you are doing.

    • #3070625

      Never a good idea to just fire a disgruntled employee

      by too old for it ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      If you can’t figure out how to keep him from being disgruntled, make sure someone else can keep the lights on before you let him go.

    • #3070600

      Work with the problem not with the past.

      by mike ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      First off …. Worrying about the who, what, why and how this happened is not my concern. This company needs help and worrying about anything except the current problem is simply not productive.

      Additionally in order to provide a solution to their problem I would need as much information as is possible about the network. I would need to know what types of networks I would be working with, (their size, OS’s used, number of users, etc. etc.). I would need to establish a clear set of priorities for restoration of the most crucial systems. I would need to know exactly what information is and is not available for restoring. I (depending on the systems OS) feel that most of the systems can be restored by hacking them and clearing the password or by setting the drive that contains the data as a slave in another system allowing usage of numerous tools available to recover the data. This is a breif (really breif) set of basics that I would start with.

      As far as the second question, yes I have established backup plans for exactly this type of scenario. Our systems are mapped down to the serial number, amount of memory, cpu type, passwords, etc., etc.. I montor and get any new or changed passwords on a regular basis. These passwords are tested and verified for access limitaitons and then documented (mostly using the free TechRepublic forms I have downloaded and modified).

      I do want to note that no matter what precautions one uses, there is always a way for an “insider” to damage your system. The best defense is to ensure that you have a current reliable backup source.

      • #3070568

        These guys are in start again mode anyway.

        by tony hopkinson ·

        In reply to Work with the problem not with the past.

        Even if the old admin coughs up the passwords or they get someone to hack in. There are still a bucket load of things that need to be put in place, including of course setting up such a system as you describe.

        None of that will happen though unless someone at the top of the food chain with a cheque book admits their part in this snafu and resolves to have his new Admin make sure it can’t happen again.

        Bet a years time they’ve got the system going, the new guy’s in charge and nobody above him has a clue what he’s in charge of ?

        It cost’s money to do things properly, and you might not need to spend it.

    • #3070597

      First thing to do

      by maxwell edison ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      The first thing I’d do is to call the city/county/state District Attorney, and ask if charges could be filed against this former employee for theft, sabotage of my computer system, interference with my business, and anything else that might place the fear of God (and me) into him. In the very least, this guy could be forced to return to the scene of his crime and set things straight.

      If not, I’d throw the book at him, tie him up in courts, both criminal and civil, for years to come, and make him regret his actions. But my guess is that after he cleaned the drawers he soiled because of the phone call from the District Attorney, he’d be more than happy to come back to make things right.

      • #3058170

        Actually, the Last Thing

        by wayne m. ·

        In reply to First thing to do

        The company is facing an immediate problem, the data is needed now. Going through a legal proceeding may result in a solution in weeks or months. After solving the immediate problem, the company can consider whether the benefits of legal action would outweigh the costs.

        • #3072557

          That’s what Max just said isn’t it?

          by oz_media ·

          In reply to Actually, the Last Thing

          Check your legal options, and then just cal the guy up. I think I would simply call and ask him first, he would probably offer the info without a problem. What’s with people being too freaked out to simply ASK for the damn passwords? I know it sounded like he’d string him up by the short and curly’s but I think Max would try a personal call then a legal call before taking action.

          If that fails, then yes a ‘legal’ phone call on the company’s behalf should do the trick, the company has a lawyer, have him make a quick call, not too expensive if not free and quick.

          If THAT fails, you have requested it personally, THREATENED legal action and now have ROCK SOLID foundations for taking further action, again, IF needed. As Max said, the lawyer’s call would be enough for most script kiddies to soil themselves over, but I doubt it would even take more than the boss simply requesting the passwords and then having the replacement admin keep his eyes open for intrusions.

        • #3072406

          Not to My Reading

          by wayne m. ·

          In reply to That’s what Max just said isn’t it?

          I believe the recommended course of action was “The first thing … is to call the city/county/state District Attorney ….” I question whether this is the most effective way to get the company’s information back quickly.

          I do not believe that a DA is going to drop whatever he is doing to make a telephone call for a small business. His interest is only going to be piqued if the intent is to press criminal charges and take the case to court. This is simply going to take too long to regain access to the desired files.

          Even if the company has a lawyer on retainer, there is no need for the manager to check with legal counsel first. The first reaction should be to talk to the individual in question and ask for his assistance. There is no need to make threats, legal or otherwise at this point. If the person in question is not willing to help when asked, I doubt that a legal threat will provide very much more motivation.

          In the end, this seems to be what Oz_Media suggested above, and this approach is a far cry from starting with a DA. From the information provided in the initial post, I would assume that the uncommunicated passwords and encrypted files were not an act of vengence, merely a matter of timing. A simple request may be all that is needed to put things right.

        • #3070938

          It appears that you misread both. . . . .

          by maxwell edison ·

          In reply to Not to My Reading

          ….my message and the original message.

          If you read in the original message that you “would assume that the uncommunicated passwords and encrypted files were not an act of vengeance, merely a matter of timing”, then you and I have a different definition of deliberate and software-hardware theft.

          Yea, right, it was just an “oversight” – NOT!

        • #3070943

          Nope, I wouldn’t play nice-nice

          by maxwell edison ·

          In reply to That’s what Max just said isn’t it?

          The original message indicated that this was “deliberate mismanagement of the company’s network systems …… to obtain software and hardware for both personal use and for personal private transactions”.

          Deliberate is the key word here; and “to obtain software and hardware” — MY software and hardware — is theft.

          If this is accurate, the time to play nice-nice with the guy has long passed, at least in my opinion. I’d jump down the guy’s throat with a vengeance, and make him wish our paths had never crossed. I might even hire a thug named Vito to pay the guy a visit. And after he was scared sh1tless and gave me everything I wanted, I’d probably still have the guy prosecuted for corporate sabotage and theft.

          But for Wayne M to read that I intended to suggest taking legal action instead of addressing the “immediate needs” is silly. Most people can walk and chew gum at the same time; and most companies could rebuild their network as necessary AND pursue legal action against a criminal at the same time.

          But no, I definitely would not ask nicely.

        • #3070977

          Some of you people. . . .

          by maxwell edison ·

          In reply to Actually, the Last Thing

          ….just take things too literally.

          Call the DA, call the corporate attorney, or whomever, but my point was to establish a legal basis for placing the fear of God in the guy, and then contact him to give him an ultimatum. If you read any more into it than that, you read too much.

          And I never suggested to go through long and drawn-out legal proceedings while putting the “immediate needs” on hold. I think most people, and most companies, are able to multi-task just fine.

          Some people just argue for argument’s sake, I guess.

    • #3070584

      This may work

      by jspencer ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Do a side by side install of a domain controller on DC for the domain, this will get access to the files. Copy them to a windows 95 machine, that should remove any encryption. Get the hives from the first DC and use any of a myriad of Linux hacks to get the original password of the IT admin.

      • #3070552

        First practical answer i`ve read so far to just fix the problem

        by oldtimer1 ·

        In reply to This may work

        Instead of getting caught up in the whole who is wrong fight(I`m guilty)you`ve gone right to the core of the problem…find a way to fix it…Congrats

      • #3068698

        Not quite…

        by eric-m ·

        In reply to This may work

        Definitely a good idea, that would get you access to all the files that are not encrypted. But the entire purpose of encryption is to make the latent file jumbled and garbage until it is decrypted.

        If you just copy the file without decrypting it, it will be unusable.

        Assuming the files were encrypted using Windows EFS, then the best thing to do would be to wipe the local admin password on the DC, go into DS restore mode, create a task to launch DSA.MSC after 1 minute of idle time and run it as local system. Then reboot the system and wait for DSA to launch. That should work under 2003.

        If it is Windows 2000 then set the default screen saver to be cmd.exe with a 60 second timeout. Then reboot and wait for your command window to pop up, running with local system privs. Type DSA.MSC and then you can change the domain admin password.

        Then get in there and find out if there was a recovery agent.

        If the files were encrypted by the only domain admin, then you are screwed… If you change the password for a user from the server side I am pretty sure that breaks the link between the user’s account and the encrypted file, meaning the file can not be recovered by anyone but a recovery agent.

        But if the files were encrypted by the guy’s second account, and not the single domain admin account (Administrator for example), then log in as the domain admin, dump the SAM and send the hash away to a company with a good rainbow table.

        Good luck!

    • #3070576

      CATCH 22 – No win

      by bob.mcgough ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      I think it’s unfair to make reference to the company and lack of intelligence regarding this type of situation. Those of us who possess and yield this kind of power position, know that regardless of who you give a password to, when you give it, it is only valid so long as I don’t change it. Even if others had this password, this SA once discovering he was being investigated for something he knew he was guilty of or anticipated being fired because of being placed under investigation, could change the password at that moment leaving the company powerless to avoid this from happening. My assistant could very easily pull this on me and I would have no idea he executed this until a situation arised to reveal it. I’m sure everyone agrees that in this field, the high up the chain you are, the more you have to trust your close staff, or you place yourself in position that no one has access to the passwords or rights to change a password except for you. In the government, we are required to complete a password security form which is secured in an safe off site from the IT location. This is an Army regulation and failure to do this and keep it up to date is a punishable offense against DOD and it’s security access.

      • #3070539

        And the first good arguement in defense of the company

        by oldtimer1 ·

        In reply to CATCH 22 – No win

        This is the first post I`ve read that gives a good arguement against my stand in defense of the guy fired.(Please forgive if I missed this in another post.This thread is so long I know I missed a few)
        Unfortunately I`ve been on both sides(I use to be a union rep)
        More often than not (90% of the time)Managemnt is at fault. I`ve been involved in enough studies and as soon as the company saw it was management they would drop the study.
        But there are enough dishonest employees to cloud the picture.
        Since I don`t have all the facts I`ll stop taking sides in this.

        • #3068767


          by tony hopkinson ·

          In reply to And the first good arguement in defense of the company

          There may have been procedures in place, they may even have been audited, as an admin he could have easily curcumvented the procedure. Though with auditing, this action would be documented. However the fact that he got the push and they are now in a mess suggests, that those at least who implemented the decision to throw him out of the door with the passwords were not exactly cognisant of the relevant issues.

          Hmmm wonder if he’s got remote access ?
          or a modem inside the firewall for ’emergencies’ ?

    • #3068860

      The issue is BACKUP

      by mikeh6 ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      We ran an IT support agency, as outsourced Net Admin/Management personnel, and have run into similar situations many (too many times).

      Whether the guy deserved firing or not is irrelevant.

      ANY responsible IT admin/manager must give passwords, security codes etc. to at least one other peer or executive upline to ensure continuity in the event of tragedy, death, or fraud.

      The probability is this guy would give false passwords anyway, but the principal is the same. A smart superior would ‘test’ the passwords for key operating necessities.

      In Canada, where we operate, if this guy did this he’d be criminally liable to the employer for malfeasance, and civilly liable for whatever damages the company suffered as a result of his actions.

      We once had a ‘former’ employee try to extort additional payment in exchange for his passwords to server admin rights. The criminal charge in Canada is extortion and carries up to 7 years prison time.

      Mike Hedley

    • #3068843

      Again … and again

      by aapjanaya ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Sometimes there are mischievous IT managers, it is true, but it isn’t a rule.
      An IT manager was fired after a disagreement with a brand new sales manager. The newcomer had no the slightest idea about company’s spartan practices and tight budget on IT, his service demands were just unrealistic.
      Five years of knowledge on the ERP suite in use thrown to wastage, network and IT users administration demolished, just in a single evening.
      A substitute manager was hired but chaos still is the main performer on stage.
      Recently the sales manager had a dispute with another ‘main business streamer’ -the manufacturing manager-, this time top people fired the sales guy.
      IT admins are not disposable. If one has to be replaced, it must be done carefully and planned in advance, if possible.
      Also IT roles must be well established, so that nobody becomes the sole resource on anything.
      IT means no longer just the gadgets at office desktops.
      An advice for a replacement IT Admin may be: “explain clearly the real problem to top managers”.

    • #3068834

      Didn’t he have a boss???!!

      by lsorour ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      His boss should have been aware of that .. stupid management and company policy

    • #3068782

      re hardware & software aquisition…..

      by jaqui ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      before assuming that any personal aquisition through company resources was illegal, I would check to see if the person did in fact pay the company the money used for the aquisition.

      I’ve ordered products for personal use with several companies, and paid the company for them before taking possesion of them. I get better quality products at a better price than by going and getting directly myself.

    • #3068720

      Reply To: IT Admin “Was Fired” But… Was it a GOOD idea?

      by the admiral ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      The first step is to complete assess all of the damage, and ensure that a dollar figure is put to the actual down time.

      Second, I don’t know if I would blame the management or the lack of corporate oversight for the inability to not put power completely in the hands of the one person that you fired.

      Third, forget bringing the person back. You will not get him to unlock the site at all. Only more damage will be done if, in fact, he is carrying a grudge.

      Fourth, if your tape backup strategy is to put it to unpassworded tapes, perhaps the new administrator can create a new server with storage enough to restore that info.

      Last, time to launch a criminal prosecution.

    • #3068631

      Outsourced IT

      by tony85 ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      .. for what it is worth
      I run the IT (as a consultant) for a number of small businesses. As part of this, I keep a Word document that contains all the settings and passwords for their systems. I keep this updated and give them a copy of it.

      This solves most of the problems mentioned in this discussion – it covers
      1) me falling under a bus
      2) me being able to brief someone for cover so that I can go on vacation
      3) the company know they are not being held to ransom

      Incidentally, I did have a case of a client who did not pay, and was so inept that I had full access remotely to his system. However tempting it was, I had to resist abusing this access. In fact, even during the time he had not paid me, I periodically sent him an email reminding him that he needed to get certain patches on. I have no idea what he did about IT support in the end, but I did eventually get paid.

    • #3053357

      give me one chance tp proov myself as an IT Administrator

      by shailace ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?



      NEW DELHI-110059
      MOBILE NO: 9818439467,9871391826


      To make a mark for oneself in the field of Information Technology. I believe on the objective of being growth with the growth of company & what I studied in theory to implement practically.


      Completed three years ?DIPLOMA IN COMPUTER ENGINEERING? from Maharaja Surajmal Institute of Pharmacy & Technology. Pursuing BCA from IGNOU.


      Name: CDACs OPEN Process Solution
      Location: CDAC (Computer for Development of Advanced Technology)
      A-335, Shivalik Enclave
      Near Malviya Nagar,
      New Delhi-110017
      Client: Power Grid Corporation of India Limited
      Tool used: SCO UNIX, C
      Duration: Two Month


      I had work with HCL INFOSYSTEMS LTD. as a Customer Support Engineer from April 2002 to February 2004 & after that I got selected in Digital Solution Pvt Ltd.,I had worked for Digital solution for one year & posted in Fortis Healthcare Ltd,Maharani Bagh as a FM Engineer. Now working with Team Computer Pvt Ltd as a System Administrator from 10th Jan 2005 to till date & posted in CDAC.


      Responsibilities in Fortis:
      ? Handling the Exchange Server 5.5 on Windows NT Server 4.0
      ? Maintaining the space on Exchange Server.
      ? Handling the traffic on the Mail Server, & Create the Space to run Exchange Server smoothly.
      ? Handling the Win proxy Server2.02
      ? Creating new user profile for Microsoft Outlook
      ? Handling the Norton Antivirus Corporate Edition on Exchange Server & make daily updates.
      ? Support the Desktop on all Windows Operating Systems as well as peripheral also.
      ? Handling the user queries, keep the backup of user data as well as Server also.
      ? Handling routers & having the knowledge of little bit voice over IP (VOIP).
      ? Purchasing of all components related to computers & peripheral.
      ? Handling little bit of Administration also.

      Server Management:
      Objective under this section is to ensure that the operating system is administered and tuned well. Administrate the operating system and ensure the availability of the platform for running of applications and aid processing by users.
      ? Maintaining operating system and ensure the proper functioning on the server 2000/NT.
      ? Ensure proper connectivity to operating system.
      ? Backup and support for restoration Data.
      ? Domain account management.
      ? Daily checklist will be provided on server health.
      ? Create new file systems and correct the file system inconsistencies.
      ? Install Operating System upgrades and patches.
      ? Reload Operating System on servers as and when needed.
      ? Monitor disk space usage.

      E-Mail Administration:

      ? Mail boxes maintenance i.e. user mail ID creation / transfer / deletion on the Exchange server version 5.5.
      ? Workgroup management through the ID creation and deletion.
      ? Address Book maintenance.
      ? Procedure for mail account management ? creation / deletion / transfer of users.
      ? Monitor the mail system at regular intervals for pending mail to ensure prompt mail delivery and take proper action whenever required.
      ? Monitor the disk space occupies by users, submit a list of disk space defaulter to the IT head on regular basis.

      Responsibilities in CDAC:

      ? Desktop Support includes installation, Support, Maintenance, troubleshooting of various hardware, operating systems and applications.
      ? Defining and resolving the problem alerts.
      ? Call logging.
      ? Tracing, diagnosis and resolving faults.
      ? Identifying recurring problems, reporting trends to management, and recommending solutions or correction procedures to initiate escalation process if required to resolve the problem.
      ? Maintenance of asset register.
      ? Maintain and Monitor warranty/ AMC details.
      ? Create /delete/Modify users & group.
      ? Desktop to LAN connectivity.
      ? Printer management.
      ? Shifting of all PC?s, Server?s and Peripheral from one site to another i.e. site shifting.

      Server Administration:

      ? Network Maintenance issues such as attach, login, printing.
      ? Creation/ Maintenance of users and allocation of access rights/ID?s
      ? Support for virus prevention and cleaning method.
      ? Managing Disk space availability.
      ? Operating system up gradation and maintenance.

      KILL SET

      Operating System: MS-DOS, SCO UNIX, WIN 95/98/2000/XP/NT, MS Exchange 5.5
      Server: WIN NT/2K Server
      Language: C, DATA STRUCTURE, PASCAL.
      Others: MS OFFICE 97/2000/XP




      Six months certificate in Hardware & Networking from GEC, New Delhi.


      Total three year of working experience.


      Complete Diploma in Computer Engg. Securing 69%.
      Completed 10+2 with Science Group in 1999 from CBSE board New Delhi.
      Completed High School with Science stream in 1999 from U.P board Allahabad with First Div.


      FATHER?S NAME Om Prakash Ayra
      DATE OF BIRTH September 09,1980
      SEX Male
      HOBBIES Listening music, chatting, journals


    • #3072465

      Once upon a time……………………

      by sleepin’dawg ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      The story goes there was an IT honcho that was working for a Fortune 500 company that was going through downsizing. After living under the threat of being made redundant he wrote up a program that would kick in after x number of clock cycles if his employee number came up for severance payout. After due consideration and a bit of selective system scanning he was able to hide his handiwork by attaching his program to several other employee numbers that would probably be laid off at the same time as himself. If his program ever kicked in it would be hard to determine the culprit because it would be traced to several supposed sources. The program was designed not to activate fully until he and the others were outside the company for over 15 days. His program was designed to take down the whole company wide system in a gradual worm attack. By the time anyone was aware of it the data would be so corrupted that he’d probably be undetectable and untraceable. Did it actually happen??? Who knows??? but I’ve heard this story so many times over the years that maybe there’s something to it. Either that or it’s just another urban myth. Would any company be willing to admit they had been victims of something like this. I’ve heard this story applied to NASA, GM, Citibank and others but would any of these admit something like this happening. I personally think it is urban myth and most companies would/should have backups available to get up and running in a few days if not hours.

      [b]Dawg[/b] ]:)

      • #3072452

        I’ve heard it too

        by jamesrl ·

        In reply to Once upon a time……………………

        But never once met someone who has first hand information.

        On the other hand I do know well a company who writes software for a vertical market who can and does reserve the use of such a device in a situation of last resort – when the customer refuses to pay for x months and it looks like going to court is the only way to resolve the issue, some software is installed that will stop the system from being able to be accessed by the customer. Its all in the contract, but many customers don’t read it.


    • #3072362

      Some Questions with a simple plan

      by thomaskelly ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      If I were the new Admin I would first assess whether or not the “essential files” are mission critical. Then, look for any back-ups exist outside of the previous Admin employment and assess the back up strategy.

      If there is an incremental back up plan, when the files were encrypted they got backed up. If you could find that time (possibly around the time when the Admin started falling out with the company) you could see if it exists on the previous back up. Look on the server that the files reside on, when where they last modified, accessed ect? Then look for files (including programs) that were created/modified around that time as well to see if perhaps there is a file denoting any pw references or even the program that was used if Third-Party.

      As for the unexpected, by definition, if one has a plan then one expects it.

    • #3060665

      it admins

      by Anonymous ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      i dont find the action of the old admin a professional one ,i dont know the way that his was fired ,and make him to do such an action , any way we are ADMINISTRATOS AND HIGH PROFFESIONALS we mustnt do things like that in any way .as for the company seems that is not a good one because the relay on one person and they dont have any idea of recovery ,they have only two solutions or the hire from some secure company people to brake the passwords ,or if they have backup plan to build up the all network from the begginig and to restore all the applications ,if this is not possible ,the will pay a big packet of money to the old admin to give the codes or to some company to brake everything .

    • #3046699

      three words of advice………..

      by irishgjf ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Reading all of these posts reminded me of something I heard long ago; DOCUMENT, DOCUMENT, DOCUMENT. And, should one person really be the only one who has all of the documentation? Depending on the company, I would say, No. An Owner, President, VP or someone in authority, even though they may not have the knowledge how to use it, could provide the road map to the company’s proprietary information to the next admin.
      As far as the contractors, I agree with a couple of users who mentioned spelling it out in black and white to begin with. But, I guess that still goes back to what I said at the beginning.

    • #3043494

      Total Mess !

      by jacobhusain ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      Took charge just this week of a branch office whose previous IT Admin was ejected. Myself being the new Admin will take time understanding the network and tracking the IPs. Given a few days all will be fine.

      My companys backup plans ?? NIL
      they never think an Admin would leave them and believe that this job is like anyother clerical job where it takes just 2 days to get to know the job.

      But Dear Admins remember the Johnny Walker tagline
      “KEEP WALKING ! “

    • #3115573

      IT Admin “Was Fired” But… Was it a GOOD idea?

      by grobi43 ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      The new IT admin should request outside assistance from IT forensics, internal and external IT adutors and software personnel to trace just how damage the Old IT admin has done; if charges can be pressed on the Old IT admin, then charge him with the appropriate computer crimes, otherwise the company’s sole focus should be to support the new IT admin’s efforts to get the shop back right!

    • #3115190

      I replaced a disgruntal IT guy

      by tejones ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      To answer the first question I need to know how bad the network is. If the network is operating at less than 40% and network users are getting ready to stage a revolt I would start over. Personal experience has shown this to be the fastest way to make the most users happy. And for the second question, since I am the sole IT person in my company (200+ people) I keep mirror image drives (the HD) of critical computers locked in my desk, just in case. I don’t worry about work stations.

    • #3116097

      Prudence regardless of amicability

      by jwong ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      All management personnel should always have a recent up-dated list of passwords for their entire environment. IT Administrators the necessary power to place any organization into a long tail-spin before it is all resolved.

      I get along with my CEO and other upper management very well and with some outisde of the organization. But prudence would have me have a list of recent passwords so that I am never accused of holding the corporation in “ransom” for the “passwords”.

      As for the IT Admin that was unethical, you can ask for the passwords and you might get them; but more than likely if the termination was on “bad terms”, hire an expert and crack the codes and learn from this “expensive lesson”

    • #3114963

      I’m really missing something…

      by mysterio41 ·

      In reply to IT Admin “Was Fired” But… Was it a GOOD idea?

      It never ceases to amaze me that IT Admins are often blamed for “poor network performance”, and then are subjected to rather ruthless evaluation by others who do not understand the job.

      “There was an IT Administrator who had been fired from his Company, do to deliberate mismanagement of the companies network systems in order to acquire new products and software for which they proposed – was the best solution in order to fix the problem, ”

      Can any one of you administrators out there (myself excluded) tell me WHEN you’ve not proposed solutions to problems with your network?

      I find it odd that there are torches burning, pitchforks in hand, etc., when we have only one side of the story. Do any of you REALLY think that your bosses — unless they are IT pros — know what you do for the company?

      How many admins out there live with a stranglehold because what you know should be done to improve service, cannot be done as management has decided it isn’t as important as YOU think it is?

      I’m going to go with an “I’ve seen this situation before, lived it, got the T-shirt, didn’t like it, gave it back.” approach. Oddly, I wonder if the admin didn’t surrender the passwords out of spite, or to force the company to do what is RIGHT for his/her replacement by starting over.

      Oh, and so I’m not forgetting, the software for personal use? Who DID discover it and how? Someone had to have committed a crime there to find it on the admin’s personal home computer, no?

      Just asking.

      • #3116700


        by jmgarvin ·

        In reply to I’m really missing something…

        This has be discussed ad nausium and you are late to the show….so read the thread….

        • #3116161


          by mysterio41 ·

          In reply to RFTT

          Yes, I am late to the show. And, YES, I have read the thread. But I will note, other than your derision, you DIDN’T answer my questions.

          Care to respond with something else? Or should I ask you to read the thread?

          And I am certain you meant for me to RTFT… But that’s ok. As I said, we’re not expected to be perfect. But we can at least try to get our points across. I actually read your post 6 times before I realized you just mistyped your derision. It’s ok. I shan’t give you trouble… I prefer the haughty types who don’t read what I’ve posted, and shoot from the hip. I’ll have your job within a month. If I desire it…. Now imagine what your bosses will think (they read this thread also) and you sound like what?


        • #3116138

          Get off the high horse

          by jmgarvin ·

          In reply to Hmmm…

          I don’t hid whole I am, nor do I feel the need to respond to your points. You hide who you are with nothing in your profile and little, if any, content in your posts.

          If you read AND comprehended the thread, you would known that your questions (and invalid points) have been addressed.

          I refer you to the top of the thread:

          My bosses know who am I am they know my mentality. I have no time for self impossed ignorance. I also highly doubt you could “take my job” or even do what I do, but thanks for playing.

          I don’t hide who I am, but you…Mr. Troll…do…So if you are so great, why not add information about yourself to your profile?

Viewing 50 reply threads