Security

We have a tech with very little experienece that was given system admin rights over the network. This guy is a joke. We had a project to upgrade Win98 PC's to Win2k. This was done so we could have more "control" over users that were installing unauthorized software on the company's PC's. This guy goes around turning on the local admin rights on machines and forgets about what he did. Giving people unauthorized access to the internet is another thing he does. He DOES NOT document his tasks which makes things VERY difficult for the rest of us. This guy wants to be liked, so he sucks up to everyone. He has no clue to what he's doing on clients or servers. NONE!

Our supervisor is afraid of confronting him to avoid an argument since this guy is so short-tempered. So, we gone on with a network that is vulnerable. Our clients are being turned into Win98 machines since their local admin rights are turned on. We also have divisions with admin rights since our supervisors has a fear of saying NO!

What does one do?

Who ever gave him that job needs to be fired too. Who reviewed his expertise, especially when he was given such a high access level. It sounds like references are ignored

WutDunHell.
Maybe, company politics has a play in this. Maybe it is not the case of whom he knows, but, who knows him.

Be careful if it involves company politics.

Instead, why not train him. Let him attend some trainings or seminars. That, if my suspisions are correct. it will be coming bonus points to you if you can become his mentor. Even for the sake of politics, then nobody will be blaming you for that. Boy, I guess, we are a little off topic.

Bret (BMN).
You did not mentioned if you are alone, or with a team. Why? When it comes to this, two is better, and defintely, far more better if there is a lot more people doing this sort of thing. Let me explain. Even though you have thinked it over a lot, these policies, procedures and the like, there will be always be a "thing" that you did not thinked of.

My suggestion? Sit down with a group of people related to IT, or perhaps, your job, say, in you IT dept, if it has one, and also include the management in some point. Or, your friends might help. Then you guys think it over. General Idea? Of course it is. There a lot of technological and social issues to be addressed. One single person might think it all over, but it will definitely take time.

Some pointers about:
1. Technical side. discover more about what is new and max. the use of what you already have.
2. Social issue. The management. Definitely, they will be asking for more access rights. And beyond.
3. Security. It covers both 1 and 2.
4. Psycological and mental issue. This will be related to stress in the working environment thus affecting productivity.

I did not elaborate on much of the details. But that suggestions I gave is the ones WE did in where I am.

I hope this helps.

C'mon now, whoever hired him should in fact be fired. The company simply should have implemented and agreed upon, documented procedure as to steps of upgrading desktop machines. Everyone on the committee who is in charge of the directions will then also know who knows what and the lack thereof. In his case, IF in fact he sucks as you say he does, then his input would have been very little, and would not have been permitted to make those types of stupid changes....Of course I could go on and on about this topic but don't have the time. Good Luck

That sounds like management not taking control. The supervisor should know if this guys knows what he is doing. If not you need to get someone in there that does. There are a lot of IT people out there looking for jobs that are know what thay are doing. But if that company is cheep and doesnt want to pay decently for the better service. Then I guess you get what you pay for.

Everybody knows what should be done, get rid of him.
Though easy to say but not to do, maybe first because you don't have much legitimate say about this.
Well gain that legitimacy.
Manage to convince whoever has the power to do so to hire a security consultant. Someone totally outside of the company politics and that is not scared to call a cat a cat. As a consultant we do know that part of our role is take the blame in order to preserve a social peace whilste solving delicate and potentially emotional issues.

You may want to trigger the need; you know that a machine is vulnerable, well expose it to the open.
Target someone important enough, but make sure you don't kill you company's business and endanger your position. Don't make it personal.

I hope this will help.

Cheers.

CFT

its obvious the fellow dont know the implication of his actions on the network, his expertise is in real doubt so as consultants, there is a need to let the fellow know his shortcomings and the long term effect that it would have on company's resources and the image of the consulting firm. so lets face the fact, he has to understand the responsibilities of a network admin thats if he is qualified enough if not let him be fired. that it.

Small Business, especially the one-person office types, seem to always forget about disaster recovery. Oh, they MEAN to back up the computer someday, but it always takes too long and they can never find the disk or don't know how to restore anyway. . .

And it's not just backups, it's also an alternate internet &/or phone access, etc. In my world, anything that could take you out of business for even a day should be at least looked at. (JMO)

Who cares if your end-users have local admin rights.You're going to find that MANY programs and/or services are going to require admin rights locally. Scripting, mandatory profiles, Active Directory and good network security is all you need. Oh, and did I mention a copy of Norton Ghost. Who cares if they **** up their local machine. You can ghost another machine up in under 5 minutes and give to them. Why spend countless hours troubleshooting permissions or registry based problems?