General discussion

  • Creator
  • #2186187

    Why are heads NOT rolling?


    by fcleroux ·

    Am I the only one here that thinks this, but why are heads not rolling?

    Many large virus / worm outbreaks in the last several years that have afflicted many large companies have almost ALL been preventable.

    The infections have been avoidable either with proper Firewall Protection alone, or proper Anti-Virus Protection alone, or Proper OS Patches and Updates alone. With all three protection systems in place (ALL PROPERLY CONFIGURED AND UPDATED!) these viruses would not have infected most systems.

    So, if these infections were all completely preventable, why are IS and IT heads not rolling. Why are these people NOT being fired for incompetence??

    If they requested that technologies be in place or implemented but approval from above was refused, then why are the VP or CEO heads not rolling??

    Some staff members can make a simple mistake that costs a company a bit of money (like a user not following a policy, infecting their own system with a virus, and they get fired for it). Yet, these preventable virus / worm outbreaks cost some corporations millions of dollars in down time and lost business, yet no one gets fired?

    What?s up with that??

All Comments

  • Author
    • #3067371

      Good question. I don’t have a good answer.

      by stress junkie ·

      In reply to Why are heads NOT rolling?

      It makes you wonder what the heck is going on in the management of these businesses.

      • #3056490

        Lack of Support from Upper Management.

        by jtrainer ·

        In reply to Good question. I don’t have a good answer.

        In my organization, we have to keep our version of Windows 2000 Server at SP2 and SQL Server 2000 at SP2 because of version compatibility with our ERP. Change the SP and the app no longer works. Upper Management refuses to pay the maintenance fees so that we can upgrade to the lastest and greatest. We are vulnerable to attacks because MS doesnt support those earlier SP’s with security patches. When asked to update subscriptions to our anti-virus software, the response is “tell them not to use the Internet.” I think upper management needs a reality check and realize that to prevent these outbreaks you need to free up some capital.

        • #3056446

          Lack of Support from Upper Management.

          by rloski ·

          In reply to Lack of Support from Upper Management.

          Management needs to make sure that their IT personnel have the time to keep up to date on threats and their solutions. We can’t be working at 100% fixing problems and have time or energy to research potential threats.

          And that means money!

        • #3056294


          by activated ·

          In reply to Lack of Support from Upper Management.

          You need to be fired for blaming others.

        • #3056203

          Dilbert Manager

          by kblack1a ·

          In reply to Baloney

          Are you the pointy haired manager on Dilbert? Sounds like management might be a little defensive.

        • #3056101

          Truth hurts

          by bndplus2 ·

          In reply to Dilbert Manager

          Perhaps that’s why he’s so defensive.

        • #3056100

          And you’re a manager in IT?

          by blarman ·

          In reply to Baloney

          In today’s world of outsourcing, downsizing, and doing more with less, you suggest these aren’t valid critiques? You must work in management.

          Whose responsibility is it to set goals for IT and monitor progress towards those goals? Hint: Management!

          If management’s goal is to reduce company exploits to zero, they then would have to take responsibility to devise a strategy for obtaining the goal and allocate resources to do that. Most managers aren’t either technically savvy enough to do this, or look at the expense coming off the bottom line and say “It’s not worth it.”

          Management issue? You bet it is.

        • #3056063


          by bndplus2 ·

          In reply to And you’re a manager in IT?

          Wow. What a well written, consise response.

          “In today’s world of outsourcing, downsizing, and doing more with less, you suggest these aren’t valid critiques? You must work in management.”

          *claps hands*

          *waves arms*


          How many hours a week do most admins put in? Mine, although slower these days, is still a MINIMUM of 50. Standard is around 60. Vacations range from 10-40 (seriously – last year I got wind of some new vulnerabilities and spent time looking into them and firming up the firewall. Remotely, over a SLOOOOW connection, with my laptop. That was probably close to 40 hours (connection issues accounted for a substantial amount of that, honestly)). My efforts were required because there’s nobody else here who can do what I do, and I feel a personal sense of responsibility to maintain my network whenever possible. I feel that effort and attitude are not recognized, appreciated or rewarded, and that’s one of the hardest things about my job. People like this guy are typical of this type of thinking and attitude, and make our jobs so unrewarding.

          “Whose responsibility is it to set goals for IT and monitor progress towards those goals? Hint: Management!”

          Yup. But if there’s no management committment to enabling you do to the work, then it’s pointless. Around here, there’s a ton of lip service but no backing it up. If there aren’t enough hours to do the task, or we can’t be allowed the system downtime, then how can we accomplish our tasks? How do we win? We DON’T.

          “If management’s goal is to reduce company exploits to zero, they then would have to take responsibility to devise a strategy for obtaining the goal and allocate resources to do that.”

          I define the strategy. I outline it, and they tell me I can do whatever I need to do. They say they will give me the time/resources/skills, but when it comes time to deliver, they change what they told me I’d have (downtime, resources, whatever). My company, for instance, thinks we’re a 24X7 business. We KEEP it that way, for the most part, but that’s due to very proactive management of the systems and applying defense in depth wherever possible. But when you need to down a system to apply a patch, you’re given relatively no time at all to be fully operational again. They WANT 24X7 operation, but aren’t willing to invest in the manpower, training or make other resources available that would facilitate that. If it costs money, they don’t want to hear it. Since our time is free, they don’t care how much of our time we spend. That’s the reality. But we can’t make the bits and bytes and processes line up properly without a reboot/downtime. They don’t understand the intricacies involved, and for the most part they don’t care. They’re used to pushing sales numbers and other things that are far more easy to quantify. Computers are not absolutes and are not as easy to work with as they think they are to those of us who are technical. There’s part luck, part finesse and part educated planning. And those vary. I can’t count the number of times I’ve thoroughly researched a patch and had it blow me out of the water, anyway (ones that modify TCP/IP, for example, get a lot of my attention). Maintaining these sytems requires a liberal allowance for downtime, and often we just don’t get the time we need.

          “Most managers aren’t either technically savvy enough to do this, or look at the expense coming off the bottom line and say “It’s not worth it.””

          Yet the admins are the ones who are looked upon poorly when something happens.

          Even with as liberal as I am with multiple layers of defense, we still get whanged by a virus now and then (not on the servers but the clients get hit now and then). It’s not that the virus scanners were broken or not updated, or that the system wasn’t patched: it was because the virus scanner failed to catch it in any of the 3 previous layers (but, for the record, the desktop scanners DID catch them. This is good but also disturbing in that they should have been caught at the first point, not the last). One of the layers I need to add is a scanner from a different vendor, but that also takes money (hardware, software).

          Note I did NOT say “time” as my time is worthless to them….

          “Management issue? You bet it is.”

          You’re preaching to the choir, my brother…

        • #3056058

          Ditto plus

          by wroach4 ·

          In reply to Bingo!

          I work for a state agency . mention security to non-IT staff or management and they act like your an overeactive paranoid. Management is no help and I am waiting for the day one of them brings the system down. We have policies in place but now way of enforcing them . Fire management not IT.

        • #3047309

          YAFIM – Yet Another #$@%ing Idiot Manager

          by nighthawk808 ·

          In reply to Baloney

          It’s nice to see that the Department of Labor’s “Executive Placement for Morons Program” worked for you. What’s next, Hooked on Phonics?

          I guess you don’t have to worry about being fired, do you? After all, the Americans with Mental Disabilities Act would preclude that for you.

          I’ve said it before and I’ll say it again: the most inane, incoherent, or outright useless posts always come from:

          A – a person with manager in the title
          B – a person with the Windows logo in their avatar

          This isn’t to say that all posts from the above groups are stupid, but almost all stupid posts come from them.

        • #3055982

          risk analysis

          by cheufte ·

          In reply to Lack of Support from Upper Management.

          Upper Management doesn’t rate the risk and cost to be high enough. I remember writting a 3 days session on training non IT professionals to use IT tools. Trying to sell the training, I faced from top execs so many conter arguments such as: “we will fire the one who infects the rest of us” (guess who infected his all department a month later?) or “we don’t need that, we just upgraded our browsers” . Many of those interested wanted it done in one day or less…

        • #3053810

          Lack of Support from Upper Management

          by wetsox ·

          In reply to Lack of Support from Upper Management.

          Good point, then throw Sarbanes & Oxley in the picture.

        • #3056353


          by ali40961 ·

          In reply to Lack of Support from Upper Management.

          How many times has our org had to jump thru hoops trying to make apps work with the latest and *greatest* patch/SP? Too many to count. I would b a rich woman if I had a PENNY for each incident.

        • #3056352

          Heads should roll

          by trekman1 ·

          In reply to Lack of Support from Upper Management.

          Anyone who suggests to use windoze over a Unix OS (SUN, MAC OS
          X) in their environmnet should be fired

        • #3056087

          OS is un-important

          by nzbn ·

          In reply to Heads should roll

          It does not matter what OS you are using, each from Novell to sun to windows has its own advantages and disadvantages, each is vulnrable in some way so it is about choosing the best OS for the job. Not I hate windows or I hate Mac, thats school kids stuff. Get a decent AV like NOD32 a decent Linux based firewall (NOT ISA its based on the Windows Server OS which is too vulnrable for firewalls) And choose your south side OS to suit the apps you want to run most efficiently

        • #3056037


          by trekman1 ·

          In reply to OS is un-important

          I have to disagree it has everything to do with OS. Windows
          architecture is full of holes and no where near as mature as the
          Unix environment.

        • #3054582

          Software for constantly upgrading OSs

          by 0troy ·

          In reply to OS is un-important

          I think he was saying that writing software for windows is a lot harder than writing it for other OSs. Not often does Unix undergo a dramatic change in the way the operating system works. While every third windows patch seems to break custom third party programs

          Agreed that if your company spent money developing or buying this tool that only runs on SP1, it’s hard to say, “Abandon the expensive tool and go for something that runs on *nix.” (such a move might be construed as a request to managment to fire you)

        • #3065167

          Learn our lessons well!

          by masinick ·

          In reply to Heads should roll

          trekman1@… on: 08/25/05, said:
          “Anyone who suggests to use windoze over a Unix OS (SUN, MAC OS X) in their environmnet should be fired”.

          Well, I come from a strong UNIX systems background myself, and I most certainly prefer UNIX and UNIX-like systems myself, but to make a sweeping statement like that is just inviting controversy, it isn’t solving anything.

          While I prefer to use inexpensive Linux desktop software at home, and I am using it right now, I can understand why people flocked to Windows and why they don’t rush off to something else.

          Windows software on the PC was the first thing that ordinary people could use without having the kind of degree and years of experience that I am fortunate enough to have.

          I have had a long standing beef with UNIX vendors. They could have done something about usability at least fifteen years ago, but instead they fought amonst themselves and split into two or three camps, fighting against AT&T, who they feared would come in and dominate the computer industry. Instead, they wasted time while Microsoft turned Windows from a toy into a very usable and useful platform.

          Microsoft made many mistakes along the way. It’s obvious that they had virtually no understanding or appreciation of computer security.

          I can remember in the mid 1990s, when Java came along, how it was considered very insecure to do certain things with Java. Did it stay that way? No, not at all. Sun and those who worked with Sun developed many schemes to make Java useful and usable and to isolate insecure features.

          So Microsoft has ignored some things in the past and UNIX vendors have ignored other things in the past. Each can learn much from each other. Microsoft still has a long way to go to tighten up system and application security. UNIX systems still have a long way to go to make themselves easier to use for every day tasks. Linux systems have a bit of an edge on UNIX systems, but they have much of the same baggage and need some of the same improvements.

          Instead of bashing each other over the heads and criticizing one another, I wish all software developers would study history and learn from it.

          When I was going to college, I did not like history. In retrospect, I think it was because my teachers and instructors in those courses did not light my interest. In contrast, one of my high school math teachers lit my interest in computers and that interest has never subsided.

          Let’s get history and computers together and learn some lessons from each!

        • #3070144

          Lessons Learned Part 2

          by trekman1 ·

          In reply to Learn our lessons well!

          That was very well put. But, I have to say that Apple has done a
          superb job of melding the complex Unix environment with a
          beautiful and very easy to use interface. Unix is light years ahead
          of Micrsoft. Although I still don’t consider Microsoft a serious OS
          but a toy like you had stated. If Microsoft OS was any good then I
          wonder why they are using the Apple G5 MAC to create their games
          on their new Xbox. Also, why are they using Unix systems on
 it is because they know themselves that their OS is
          unstable and cannot be used for high volume computing.

        • #3056282

          Pass the Buck

          by richards_unsubcribe ·

          In reply to Lack of Support from Upper Management.

          Upper management is generally non-technical and they often don?t know what happens in the server room. It’s pretty easy for the IT pros to pass off problems, security vulnerabilities, as problem created by someone else. The day-to-day operation of many companies is highly dependent on the expertise of the IT staff. Upper management, bean counters, and the other sundry pooh-bahs often don’t know or even want to understand what’s happening downstairs. It’s pretty easy for an IT pro… who the company is highly dependent on, to pass the buck.

          But let a scribe… let a lowly cubicle dweller screw up and an example must be made to all… its summery dismissal for “violating” a company policy!

          This issue is more about office politics and the corporate pecking order than it is about “security”. It’s about who counts and who doesn’t, who can pass the buck and who can?t, who is expendable and who isn?t.

          Someone tell me I’m wrong…

        • #3056175

          Not all levels of IT

          by haidehaide ·

          In reply to Pass the Buck

          It very possible the buck is passed to lower levels from top down, while the interest and dedication to security is suppressed from the bottom up. Many times the corporate security gurus get ofended that someone down the lather keeps it site secure, while other sites get constantly hit with worm, trojan horses and spyware, not to mention the spam. What are the managers in the middle to do ? Praise the low level techies that effectively protect their sites using freeware, shareware or trial versions of anti-everything, or bugg the upper level security officers to plug the security holes ? It is easier to fire a lower level tech who, in spite of his managers request of doing daily mindless jobs works long hours to keep security holes plugged. Why woul local manager hurt the ego of the security officers ? Go figure …. I call it office politics … that HAVE TO GO !!!

        • #3047312

          I don’t believe it!

          by nighthawk808 ·

          In reply to Lack of Support from Upper Management.

          A manager with sense! You guys are all too rare. It’s always nice to see someone with the title whose post actually contributes to the discussion in a positive way. Most of them are somewhere along the lines of “If you can’t do the impossible with no funding and have it done yesterday, then heads will roll!”

      • #3056257

        IT Witch Doctors

        by psk_ ·

        In reply to Good question. I don’t have a good answer.

        The fact of the matter is that upper management is completely ignorant of the ?Witch Doctor/Wizard/Tech high priest? guy in the server room does or fails to do. They must rely on the one who failed to protect to confess?Right!!! <>

        • #3056222

          Agreed, it is about perceived culpability

          by mgordon ·

          In reply to IT Witch Doctors

          Just as the I.T. expert is rarely recognized for his or her expertise, so also is he or she seldom blamed for failures. It is two sides of the same coin.

        • #3047068

          Good point

          by 0troy ·

          In reply to Agreed, it is about perceived culpability

          But, which would you rather have? I think that question is the difference between a professional and a lazy admin.

      • #3054583

        Management doesn’t know it was preventable

        by 0troy ·

        In reply to Good question. I don’t have a good answer.

        Maybe if management knew it was preventable I think they’d be more interested in placing blame. Instead of just accepting it as a fact-of-life in computing…

      • #3064824

        What going on!

        by roger.pauling ·

        In reply to Good question. I don’t have a good answer.

        What going in the business is that the management of the businesses are doing just that – managing the business and expecting Microsoft to do the same! However, I think they failed to produce a qualtiy product, a product that is not full of holes and code of questionable quality.

    • #3067367


      by bfilmfan ·

      In reply to Why are heads NOT rolling?

      Becuase the impact to the business hasn’t affected their bottom line.

      When it does, management is out on its ear and new management bozos will replace them.

      • #3067353

        Doen’s affect the bottom line?

        by fcleroux ·

        In reply to ROI

        What? Are you out of your mind?

        As I mentioned, millions of dollars.

        I many cases it cost hundreds of thousands alone in overtime or consulting fees to resolve the problems but this amount is small in contrast to the MILLIONS cost in lost revenues because of down time! Not to mention the lost man hours because of the thousands of employees that are then sitting at their desks not doing any work for several hours to several days.

        How could you not think the bottom line is not affected when several thousand computers are out of commision for half a day or longer.

        • #3067304

          Solid Object

          by jdmercha ·

          In reply to Doen’s affect the bottom line?

          The problem is that the bean counters can only count solid objects, desks, chairs, servers people, etc. The empoyess charge there time to a project or department. There is no account for ‘fixing that which could have been prevented’. The bean counters can’t see revenue lost due to wasting time. Thus, if the bottom line is not looking good you have to cut an object, not wasted time.

        • #3056442

          bean counters are at fault???

          by dboundscpa ·

          In reply to Solid Object

          Excuse me, jdmercha, but you are beyond incorrect in your hypothesis. Being one of those bean counters, I can assure you that counting lost productivity is among the most significant things we bean counters do. Whether you are aware of it or not, if your organization is worth anything, someone is counting the cost of your salary or wage, plus all the additional costs of employing you, and letting management (all the bosses) know how much it costs them when you don’t work. The real problem is that management is too damned scared of IT to make significant changes in personnel. When a virus hits the system, so many people have fallen down on their responsibility (typically that same management is at the top of the list) that to remove all those responsible would itself be catastrophic. The managers who believe that overhead costs such as protecting the system are just not worthwhile should be replaced with people who think in terms of reality. Then systems would get protected because management would proactively work to make it happen.

          When it’s all said and done, please don’t blame the bean counters!

        • #3056303

          Be nice to bean-counters

          by elder griffon ·

          In reply to bean counters are at fault???

          I’m not sure it was jdmercha’s intent to blame accountants as much as to observe that accounting as a discipline struggles with reflecting certain kinds of costs.

          I really don’t know much about the subject at all. I’m sure you’re right when you say that part of the point of accounting is to get at those costs which are not at all straightforward, like lost time. But isn’t it also true that accounting practices can provide management a means for ignoring inconvenient costs? For example, couldn’t a company move expenditures for virus outbreaks to some part of the balance sheet that makes them look like normal, predictable costs? Just asking because I don’t know.

          Judging from news reports, it certainly seems like certain shady practices occasionally become endemic among companies, like hiding compensation for executives.

        • #3056059

          IT Comfort

          by superclone ·

          In reply to Be nice to bean-counters

          I’ve worked in large organizations and small ones and I can tell you that the reason why heads don’t roll is because managment develop relationships with their IT staff and find it hard to replace them. When things fail or get attacked, it’s never on purpose. When the stuff hits the fan, it’s the IT guy who takes the heat. And it’s the IT guy who’s gonna fix it.

        • #3264930

          Not the counters…

          by noyoki ·

          In reply to Be nice to bean-counters

          but the system. I and a partner had tried to put into place a system that would save an assistant’s time with having to manually enter x, y and z, instead of assisting the HR & Billing Managers. The way the bosses saw the charts of “This is how much time she would save and be able to dedicate to where it’s supposed to be”? “Well we’re not firing her, so what does it matter?”

        • #3056274

          get real!

          by kingdre31 ·

          In reply to bean counters are at fault???

          I work in government, and most IT departments I know are under manned. One tech per 100 PC is a min. the fault is no one will not to pay for IT. Moreover, as long as departments are under staffed the problem will not be solved.

        • #3056169

          Praise to the bean counters still in the loop

          by haidehaide ·

          In reply to bean counters are at fault???

          I completely agree with you, Bean Counter! It looks like you are not one of those passed techies that got to scared or overwhelmed with keeping up with thechnology and moved themselves up the lather as been counters. Keep up the good work, and give the security aware techies what they deserve, praise or raises, not pink slips!

        • #3056110

          I still blame the bean counters.

          by jdmercha ·

          In reply to bean counters are at fault???

          By way of example:

          I assume that we can all agree that network printers are more economical than putting a printer on everyones desk.

          But what the bean counters don’t see is the time spent by employees to get up from their desks and walk down the hall to get their print job off the network printer. Only to find out that someone has changed the paper. So now they have to walk back to their desk and print the document agian. Or they have to track down their print job because someone else has walked off with it.

        • #3047064

          Not quite

          by 0troy ·

          In reply to Solid Object

          Either the bean-counters, or management figures the total cost of lost productivity. SOMEONE is figuring it out. And if not, what kind of mickey-mouse company is it???

          The real problem, I think, is the misconception that the problem was preventable and avoidable.

          Until management knows that this million dollar loss in downtime could have been circumvented it’s just another number that they think they have to live with.

        • #3067639

          Down-time Losses

          by bfilmfan ·

          In reply to Doen’s affect the bottom line?

          I won’t argue your point in the least, as I agree in principle.

          However, as other peers have pointed out, there is no accepted accounting method which allows for “Business Lost Due To OuR Not Getting It” for whatever reason.

          You don’t get the contract cause the network is down, you don’t get the contract cause the salesman is a bozo. Both of these have the same negative impact on a business, but neither can be counted as a loss, but is simply business which never happened. And this is how most businesses view and deal with computer downtime.

          I think it is a stupid manner of doing business, but I recognize that it is.

        • #3067634

          My 90s experience

          by jamesrl ·

          In reply to Down-time Losses

          In the 90s I was part of an anti-virus/security for a worldwide organization. When Michaelangelo threatened to wipe out PC HDs, we all took precautions. But inevitably some people got hit, albeit a small percentage. And I spoke to a few people at other companies who had similar experiences.

          Yet when interviewed, our PR types denied any knowledge of any impact.

          No one wants to admit they were caught with their pants down. Its embarassing. So collectively it seems the whole company wants to downplay it.


        • #3056189

          Worms shouldn’t cost a good system millions!

          by mark ·

          In reply to Doen’s affect the bottom line?

          If a system is well designed with proper continuity plans, recovery and redundancies, then a virus / worm attack shouln’t be anything more than an annoyance for a few minutes. If the admin hasn’t done this, then their heads should roll.

      • #3067681

        Bottom Line

        by lordshipmayhem ·

        In reply to ROI

        Because it’s not OBVIOUSLY affecting their bottom line.

        As soon as the systems are up and running again, nobody bothers to calculate the cost of the latest system outage.

        If they did, then bosses would be screaming for something more secure.

        • #3066773


          by bfilmfan ·

          In reply to Bottom Line

          Very few organizations are able to calculate the cost of “downtime,” as they have no idea what their “uptime” revenue stream is either.

          And I agree totally that they should calculate that cost as it is a business loss, even if they choose to ignore it.

        • #3056500

          cost of downtime

          by the monkey ·

          In reply to Agreed

          perhaps they are doing it but getting the calculations wrong, most businesses see the cost of mantaining a proactive it department( having the staff and resources to deal with whatever would cause the downtime ) greater than there perceived costs of the downtime

        • #3056489

          Reply To: Why are heads NOT rolling?

          by cerisew ·

          In reply to cost of downtime

          Simple math

          Take a $3mil annual revenue, divide by 52 weeks and you get approx $57693 per week. 8 hour workdays 5 days a week, about $1443 per hour. Figure you lose a percentage of that when the network is down (not everything grinds to a halt), we’ll be conservative and say 35% of the revenue is gone. That means it costs the company about $504 per hour if they have a buisnesswide outage. If it’s a local outage, say the buisness has multiple locations, the downtime could drop less than 10% of the profit. So the larger the buisness, the less intrest they have in the administrators.

        • #3056451

          If a company can calculate an ROI

          by gitmo ·

          In reply to Reply To: Why are heads NOT rolling?

          If a company can calculate an ROI to justify their IS investments, then they can calculate a loss due to IS resource unavailability.

          I think most large companies delivered a reprimand at the first noticeable outage. A second preventable outage would result in a dismissal.

        • #3047063

          What company doesn’t calculate ROI?

          by 0troy ·

          In reply to If a company can calculate an ROI

          What company doesn’t figure ROI? or cost of downtime? If they did, they’d realize that all this patching is costing them lots of money. Or that they need to get a secondary T1. Or that the cost of an outage was way more than the last purchase request for a redundant server!

          Encourage the ROI if they’re not already figuring it!

        • #3056040

          Very few organizations are able to calculate the cost of downtime?

          by dennis_london ·

          In reply to Agreed

          It’s fairly simple to do this. Take the number of people working at your corporation and average out the estimated (ask HR for an estimation and tell them why you’re doing so) salaries. It’s simple math.

          Assuming the average salary is $40K per year, now divide that by the number of working hours in a year (2080) and you get $21.63 per hour on average per employee/user.

          1000 users with an average of $21.63 per hour equals just over 21,636 per hour of uptime or if your network is down and users can’t work then this is the cost of your outage on an hourly basis not including sales and profit.

          For averaged sales per hour, take your yearly sales volume and do the same as above. Sales divided by 2080.

          And the same can be done for profit. Profit divided by 2080.

          Again, it’s simple math which any manager worth his/her weight should know how to do just to show TCO and ROI for technological purchases and what have you.

        • #3053838

          Simple, yes. Complete, no.

          by jdmercha ·

          In reply to Very few organizations are able to calculate the cost of downtime?

          What about the time spent by the IT people fixing the problem. What about the time spent after the problem is fixed to investigate the root cause of the problem. What about the time lost from doing what they sould be doing instead of investigating the problem. What about the time spent explaining to everyone why the systems went down.

          I could go on and on. This is also related to my previous post about the type of hidden costs that the bean counters just don’t see.

        • #3053788

          What about the non-tangibles

          by fcleroux ·

          In reply to Very few organizations are able to calculate the cost of downtime?

          What if you are a Law Firm and need to do a conveyance now. Computers are down. Depending on the state or province you are in you could get fined (and sued) for not completing the deal on time. Or, you need to farm out the work to some other firm with higher costs. Some very small firms to 5 or 6 of these a day. A large firm may need to farm out several hundred a day at a cost of about $400.00 a each. What if they cannot find firms that have the time to do the work as these would all be rush jobs?? And this is all only one small aspect of the many things the firms do. No contracts get printed out. Schedules and meetings get missed. Think of all the lost opportunities.

          What if it brings the PBX/VOIP system down and all new sales calls are lost??

          So, yes everyone can do the smple math, its the not so simple math people have problems with. Some of it can be worked out, but at best its always going to be a guess.

        • #3076088

          Sorry it took so long for my reply

          by dennis_london ·

          In reply to What about the non-tangibles

          You are correct, it is the not so simple math where corporations or people fail. So many times I have heard it said “we just can’t justify the cost of (fill in the blank). If they bothered to take into account some of the basics, they would have a basis to work from. Of course the other variables would come into play on a per situation basis. As long as they have a firm grasp on the business functions and what each entity brings, they should be able to calculate a close estimate per incident.

      • #3053757

        RE: ROI

        by macghee ·

        In reply to ROI

        Meet the new boss. Same as the old boss.

    • #3067354

      Why aren’t management heads rolling?

      by dr dij ·

      In reply to Why are heads NOT rolling?

      IT guys often ask for corporate wide anti-spyware or AV, or adequate firewalls, etc and get turned down. Until recently we didn’t have corporate AV solution and only got spam appliance recently.

      management also often understaffs these depts, so the people would not have enuf time to protect their networks possibly.

      So much of the time, management needs to hold the mirror on themselves. Which can be a hard concept for them as they often do not understand IT adequately, treat it as a loss area.

      • #3067350

        That is my point!

        by fcleroux ·

        In reply to Why aren’t management heads rolling?

        That is my point. If middle management saw no need for an AV sollution and yet that decision cost millions of dollars to the company, why are they not being fired.

        If they developed a new product that was a bust, they would get fired. If the made a mistake in product development that cost millions they would get fired. If they made a financial mistake that cost millions they would get fired.

        Why do they NOT get fired for making an un-informed bad IT decision. It is their job to make sure the systems are safe.

        Billions are spent every year making sure systems are available 24x7x365 with no downtime. Redundant everything, clusters, mirros, backup systems, yet they do not want to sped the little extra to make sure a patch is applied or that AV updates are done. What is the cost of one or two extra IT people compare to the millions already invested in hardware and software alone?

        • #3067345

          Is it middle management or senior management?

          by peter spande ·

          In reply to That is my point!

          I’m guessing if there are individuals saying no to corporate wide AV or Anti-spyware solutions it is senior management (perhaps finance, operations, etc.) and not IT.

          I could envision a scenario where it is the administrator that didn’t catch a patch update that is in jeopardy of losing his/her job and not the senior managers… however unfair that might be.

        • #3056452


          by chip_langowski ·

          In reply to Is it middle management or senior management?

          The competent IT middle manager has learned to keep detailed records when their requests for applying patches or upgrading security are denied. Those records come out when an outbreak occurs and senior management starts looking for someone to blame. Unfortunately, the people with the authority to veto upgrades usually have the authority to cover up their poor decisions.

        • #3056325

          Good Answer!

          by fcleroux ·

          In reply to Documentation

          I started this Discussion. Read many answers and think you hit this one on the head!

          Well done.

        • #3056302

          Best answer yet!

          by jhogue1 ·

          In reply to Documentation

          This is the best answer yet. IT is automatically going to scream a lack of money or labor is to blame for the problem. If IT can prove they asked for funding and were turned down then the responsibility should fall on the next level up. If they can’t prove that they asked for the money then IT has to take the heat.

        • #3056028

          Sometimes you need to play the game

          by bigwazza ·

          In reply to Documentation

          I can think of a few issues here. My first thought was “Are you comparing ‘user letting a virus onto their system and losing their job’ and the ‘Manager who fails to stop a simple attack doesn’t get fired’ in the same organisation?”

          If Company “A” fires Clerk A, but Company “B” does not fire Manager B, then it’s an unfair comparison. I assume, to some extent, the reference is for the same (group of) company(ies), so the comparison has some common ground.

          My next thought was that managers are people too. They are where they got for a number of reasons, one of them is their negotiation skills. If they can talk their way into a job, they can talk their way out of being fired (regardless of “hot air” or not). My boss has said many times if some of our jobs are to go, he’d cast us adrift to save his own job. No malicious feeling intended, he just needs to keep his job. He won’t take the bullet unless he really has to, even if I wish otherwise. And that’s a fair reality check!

          Lastly, and this is two-fold, is Politics. As ugly as it is, unless you play the game – and to the rules of those in charge – you won’t get anywhere. I, along with my boss, have slowly and steadily educated our senior management. They are no longer scared of computers, and we can now talk to them without the blank looks you sometimes get. They understand, so now the requests for better stuff has a better chance of success, and if it fails, it’s not just a rubber stamp, but an informed decision with an understanding of the risk involved.

          Maybe I’m lucky here – I don’t work on my holidays, I’m not in immediate fear of losing my job through one failure, and so on. But I do know this, I would have gone after 4 years if I hadn’t taken the time to educate and explain – in their terms – what was happening. I’ve been here nearly 10 and seen many, many changes, and my job has changed dramatically since I started.

          But then, I know the executive management here are very good people. So maybe I am just lucky.

        • #3067315


          by tonythetiger ·

          In reply to That is my point!

          The person who can’t blame someone else is going to be the one to get axed. Crap flows downhill.

        • #3056399

          Good point but….

          by firewalker91 ·

          In reply to That is my point!

          We are a production environment that runs 24/7/365 with rotating shifts to cover the time. We manufacture products for Ford, GM, Chrysler and some other auto companies. Any downtime means missed shipments and a big auto maker putting pressure on us threatening to switch suppliers. Because of the pressure from our customers not to miss shipments, we’ve had to create workarounds not to stop the production lines.

          In the office, it’s easy to set up SUS, WSUS, or whatever program to push security and anti-virus updates to the clients. That’s a no brainer and someone should get fired if they can’t set up a simple tool like that (and it’s free).

          The production environment is different. Because an anti-virus program scans each file as it opens and closes and our testers can create or access dozens of files for each module being tested, it slows down the tests and doubles the test time (less products produced = less products shipped = missed shipments/unhappy customers = no new business = less revenue).

          Also, most of the applications that do the testing are custom made apps that still run on NT 4. Adding a service pack or security patch has actually prevented the testing programs from working. Since the applications are older, some of the companies that wrote the custom apps are no longer in business, so we have no support if something goes wrong after adding a patch (if something goes wrong then: less products produced = less products shipped = missed shipments/unhappy customers = no new business = less revenue). We’ve had to do workarounds on the testers such as shuuting down extra services, running user accounts with READ-ONLY access to other computers, etc., in order to minimize risk until we can spend the millions of dollars to replace the equipment and the months it takes to verify and prove out the new equipment. And the cost of replacing the old equipment is a lot greater than the cost of a few hours of downtime if a virus hits.

        • #3056024

          REPLY to: Good point but….

          by dennis_london ·

          In reply to Good point but….

          Great excuse although I have to say it’s not a very good one.

          I’ll agree that AV products can and will most likely slow your processes down. I have customers that I work with who are in that same situation but that doesn’t mean those machines should be connected to your corp network without an extra layer of protection. Having an IPS solution separating those environments would allow you the flexibility of not having AV on those machines in the “secure environment” as well as keeping your security posture from being impacted. You would also want to limit if not terminate said machines with any internet or external connectivity. Again, think of your overall security posture.

          I know with some AV products you can exclude certain processes and or files/folders from scanning. There’s another option if you don’t want to invest in a good IPS solution.

        • #3056320

          Time to move on anyway

          by shorne ·

          In reply to That is my point!

          This is a bit off topic but another angle on this is that if your middle or upper management are refusing to fund a decent corporate AV solution, it’s probably not a great place to be and you might want to move on before the S*** hits the fan. If they can’t even commit to basic technology like this they likely aren’t supportive on many other IT projects, unless perhaps it involves a toy for them.

        • #3056173

          Now hold on!!!

          by issinho ·

          In reply to That is my point!

          From what I read in your post, you were asking why IT HEADS WEREN’T ROLLING. You didn’t mention MANAGEMENT.

          Plus, we are hired to take care of the system, so LET US!!!!! So often our hands are tied with policies, procedures and company rules. That is the last thing that IT needs!!! I’m not saying to let us run rampant, I am saying to let us do our job. An IT technician should have full reign of the infrastructure. Don’t limit us so that it takes longer.

          Another: IT should make all IT decisions and policies. Not some management that knows nothing about our job. I have a supervisor who tries to make changes to people’s jobs that he doesn’t even know.

      • #3067888

        Education of Superiors

        by mcollins1 ·

        In reply to Why aren’t management heads rolling?

        I thin that’s the problem. Managers should be made to go on a course to make it hit home how important AV and Anti-Spyware is. It is wrong to place the finger of blame at the IT staff, when it is possible they are doing their job to the best of their ability with limited means available to them.
        I know that my company has only very recently recognised the risk of Spyware/ID theft etc. And have only very recently put in measures against them, despite being told for years!

      • #3056477

        what about loss of customer confidence??

        by 2wired ·

        In reply to Why aren’t management heads rolling?

        Many ppl also fail to factor in the loss of earnings resulting from lost revenue from potential customers, or indeed current customers, who pull out or choose a competitor as you?ve earned the name of being susceptible to virus attacks. This could, for example, occur if some worm got hold of a customer email list and mailed itself onto those companies networks…spreading itself and infecting these companies too…. or even worse, if someone gets hold of customer bank/credit card details! In effect then you?re now responsible for your customers get hit.

        This happens once or twice and you will find you customers pulling out left right and centre. After all, if you cant be trusted to update your own anti-virus or provide adequate security, why should they trust you to deliver your end of a multi-million dollar contract? And ppl talk, so its not just existing customers that will be affected, but potential future ones too. Word of mouth can greatly affect ones customer base in ecommerce or other such areas when all many companies have to rely on is their good name.

        • #3056404

          Accountability vs. Good Business

          by cwyman ·

          In reply to what about loss of customer confidence??

          I’m not trying to attack anyone here, but I thought that I would add my recent experience with what I consider to be accountability.

          We reside in a network where users bring in their own equipment and hopefully abide by policies that we have developed, (ie. having anti-virus, spyware protection, software firewalls, etc.) However, this is only policy. I have dreamed about holding a user accountable in a monetary fashion for several years since it’s usually ME that spends the countless hours cleaning up the mess. IT mgmt feels the same as we, but no one took the time to develop a way to place a dollar amount on an outage.

          Well, it was time and so I stepped up to the challenge. Now granted, I’m a little one sided, but we had to start somewhere.

          I’ve recently implemented an incident report template to be used whenever a virus attack, nw outage due to neglegance, theft, etc., occurs.

          The last section is Costs of lost opportunities. When I first developed the draft and presented it to non-IT mgmt, they of course got very upset because their claim is that you can’t put a dollar amount on something that is not set in stone. They of course are referring to the fact that our users work on a commission basis and that varies per person so it’s not like….okay, we’ve got john doe here and he makes $30/hr and his machine was infected and total cleanup took 8 hrs so that’s $30*8. I did have my numbers based on an average and basically the numbers were right. But, because the particular case study that I demonstrated showed a lost of $2.8Mil per hour for 2 hours was devastating to them (hence the importance of accountability I’m trying to bring to light!!), they didn’t want to go that route. Now granted, I see their side of the picture. They feel that if we start charging back to those that allowed the incident to occur, then we put ourselves in a he said, she said attack mode and that’s just not good business. So the next time that we cause an outage because of a programming error, they will try to charge that $2.5mil back to us (which is understandable).

          So, we went back to the drawing board and with IT CIO we were able to make a compromise. We used a percentage to at least represent some type of opportunity costs lost. Now we did have some definite dollar amount charges (We have 3 sections – HO costs for man hours and loss of Internet costs, – Costs for the individuals that had to be down, – Costs for larger outages), but we were able to give representation to upper-management that these are serious and we need their support to help educate the users about the responsibility on their end, not just ours.

          My point I guess is that, it’s painful to hear the truth and so they try to avoid it, this is true, but if you’re committed to making things better than it’s up to you to work with others to get the message across even if it means working together/compromising without sacrificing to come to a resolution that works.

          I definitely feel that even though this incident report will not make people happy, it will help management come around and begin supporting the IT department that so desparately needs their support in order to be able to function as needed.

          This is what we’ve had to do start on the right track….

          I do agree that blatent (sp?) neglect of policy, should ABSOLUTELY be cause for reprimand and then dismissal.

          Put simply…if I tell you not to touch the HOT pan of boiling water on the stove and you go right over and touch it, then I have no simpathy for you when you burn your hand. And then if you
          re dumb enough to do it again, then you get what you deserve.

      • #3056164

        To test or not to test…..

        by is girl ·

        In reply to Why aren’t management heads rolling?

        I think that the larger companies that recently got caught in the last wave of worms hold off onl applying patches routinely in order to test them.

        Those of use who are truly members of understaffed IT depts don’t have time to test, so we just apply the patch and hope for the best.

        In the truly understaffed world of IT it’s a risk to patch and a risk not to patch.

        I large companies, there is enough staff to expect some testing to take place. However, this would take a few weeks to actually complete – assuming there are not other fires to put out during that period.

        These days, the time between the release of a patch and a virus or worm that takes advantage of unpatched systems can be measured in hours….not weeks.

      • #3056095

        Hear Hear

        by blarman ·

        In reply to Why aren’t management heads rolling?

        Nice post. You can’t really fire someone for not doing something that isn’t part of their job description, and unfortunately, security just isn’t deemed that important to management yet.

    • #3067323

      Glass half full or half empty?

      by billbohlen@hallmarkchannl ·

      In reply to Why are heads NOT rolling?

      I don’t think that you can be so quick to start firing IT people when an outbreak occurs.

      With public companies, all changes to appliance and application configuration must go through a formal corporate review process and completely documented. Adequate backups must be verified and proper change management procedures followed. This slows things down incredibly.

      Also, patching and other changes are far from automatable. Changes must be put through a testing process to make sure they don’t break applications and IT services. IT personnel can’t fully test every application….often we have to wait for users to verify proper operation in a test environment. I’ve seen more downtime due to not testing patches thoroughly enough than I have for viruses and worms.

      I disagree with your statement that all viruses and worms are preventable. Even if your company has all of the best systems in place to prevent this from happening, nothing is 100% secure. Your company is still vulnerable to attack!

      You state that staff members can make a simple mistake and get fired for it. You can’t apply a slippery slope here, because a virus outbreak is often not a simple mistake. Every company I’ve ever worked for treats virus outbreaks as an opportunity to learn and grow….instead of an opportunity to fire people. Following your logic, wouldn’t you also fire the person that unknowingly opened a virus-laden e-mail attachment from “System Administrator” to start the whole thing? Or the user who gave their password to someone pretending to be from IT?

      • #3056312

        Half Full

        by fcleroux ·

        In reply to Glass half full or half empty?

        Several Point here…

        1) I did not state that ALL Viruses are preventable but rather that MOST are.

        2) I did not suggest that everyone at all companies should be fired if there is a Virus outbreak. Rather I just asked the question as to why people are not fired. There have been many large outbreaks in the last several years, why has NO ONE been fired (that we know of). Perhaps no one was at fault at all?? Doubt it! From my own experiences within the corporate world I know of several MIS people that should be fired for what I would call negligence.

        3) “Following your logic, wouldn’t you also fire the person that unknowingly opened a virus-laden e-mail attachment from “System Administrator” to start the whole thing? Or the user who gave their password to someone pretending to be from IT?” – I would not, but yes people have been fired for such things.

    • #3067291

      In some cases, the head rollers are clueless

      by dmambo ·

      In reply to Why are heads NOT rolling?

      We got hit by Zotob at a couple of other corporate sites. When I asked why those sites weren’t up to date with patches, the grapevine told me that the guys responsible for those sites hadn’t applied group policies to new machines for a couple of months. When I got the official corporate explanation, it was that Zotob was so new and so voracious, it was fortunate that it didn’t bring down the whole network. It was clear to me that there was plenty of a$$-covering going on, and the higher-ups just didn’t know the right questions to ask.

      Nobody in IT is going to say anything either because it just as easily could have happened in my backyard or anyone else’s. It’s like cops not squealing on other cops.

      • #3067272

        Corporate politics

        by jmgarvin ·

        In reply to In some cases, the head rollers are clueless

        Ya, that is a big part of the problem. Another part is that management sometimes “stops” patch rollout with their “test and comment” syndrome. Sure, testing is good, but deployment needs to happen quickly and quietly (usually in under 48 hours and usually while users are working because there is no good time.)

        A major beef of mine is that nobody is accountable and the attitute is that sheisse happens.

    • #3067587

      They probably got a raise

      by jdclyde ·

      In reply to Why are heads NOT rolling?

      Because they came along and “saved the day”.

      This goes back to why many Windows Admins get more respect than Unix Admins. The powers that be don’t understand or CARE what it takes to make something work, they just know they SEE you doing something all the time.

      Many Unix servers are just forgotten about until it is time for an update or patch.

      Many Windows servers will need to be rebooted because of memory handling issues.

      Which SEEMS like the better worker to non-techs? The one that comes and saves them all the time.

      Getting a virus and then having your tech clear it makes you NEED that tech, not wonder why you got the virus in the first place.

      The media also helps with this over dumbing down of the execs on just what we do.

      • #3067573

        I hear that.

        by stress junkie ·

        In reply to They probably got a raise

        When I’ve run VMS machines it’s not unusual for people to ask me what exactly I do. They don’t see me monitoring resources, getting to know how people use the machines, and coming in on weekends for performance tuning and preventive maintenance. I have taken people asking me what I do to mean that I’m doing a good job. If my work was visible to them it would be because it was causing problems for them. I think you’re right about the Windows admins getting more visibility and therefore more credit. Windows machines always have patches to roll out, problems from patches being installed, virus infections. Nontechnical people think that this is normal and that the Windows admins are doing a good job.

      • #3067553

        Oh yes!

        by jmgarvin ·

        In reply to They probably got a raise

        The media is making matters far worse with their inane ramblings and non-technical “in depth reports.”

        Only Windows is effected, so that means that it is better! Oh and Bill Gates loves you!

        • #3066817

          Lucky enough…

          by grbeckmeyer ·

          In reply to Oh yes!

          to not have any Windows servers here. So what’s this ‘Zotob’ everybody’s talking about lately?;)

        • #3066778


          by jdclyde ·

          In reply to Lucky enough…

          Blaster? Slammer? Just things they talk about on the radio.

          And then the ones that DO use a Windows Server, have you ever heard of a DMZ? Isolate your mail and web servers from the rest of your LAN. Is that REALLY a difficult concept?

          How about NOT running EVERY service as Administrator?

          NOTE, using SAMBA, we have a few Window packages running on Linux servers without a hitch. The software doesn’t know or care, it just runs.

        • #3047061

          Not just linux…

          by 0troy ·

          In reply to Lucky enough…

          We’ve got over 40 customers we completely manage IT for. Not one got hit.

          Sure, not having to worry about virii for Linux is fun, but keeping windows safe is still possible. (even for a linux fan)

      • #3056283

        I hear ya too

        by bluegiant ·

        In reply to They probably got a raise

        I’m in a similar situation here too. I administer an iSeries (AS/400) running OS400 and the ERP app that resides on it (JDEWorld…or whatever it’s called now 😉 ). Very little recognition because the thing just runs and runs. No viruses, no problems, it just works. Just install the occasional PTF, keep the system cleaned up, and everything’s good.

        The windows side of the house gets the attention because he is always involved in fixing a problem somewhere. Granted, out Windows admin is very talented and keeps everything up to date and very secure, but as you know, there’s always a problem to fix when Windows and basic users are combined.

        Now back to the topic…there are many ways that a virus or worm can enter the system. In our situation, it mainly depends on whether we did our due diligence to prevent the virus/worm when disciplinary action is considered. If there were things that we reasonably should have done but failed to do, then disciplinary action will probably happen. If someone brought the virus in as a result of violating company policy, they will likely face disciplinary action. Fortunately, we have not had a virus or worm get to our network in years.

        There are a lot of good posts as to why so many other companies have these problems without consequences…incompetence at executive and middle management, corporate politics, and technical ignorance throughout the chain.

    • #3066758

      Why does it matter?

      by jkaras ·

      In reply to Why are heads NOT rolling?

      They made themselves look bad, it doesnt effect you. I think the last thing we need is more IT people out of work. Just think if the slightest thing happened, whammo your fired!! Sounds good huh? Nothing is 100% effective. Now if those same people got hit again the same way without any precautions, then hello ladder climb! Well, that’s my take on it anyways.

      • #3067884

        Experience Hard to Find

        by mcollins1 ·

        In reply to Why does it matter?

        I think it is hard now to find experienced employees in IT, who really know what they’re on about. If a firm finds a good employee, they will not necessarily want to sack them over a mistake such as that. The person may be judged more on how they react to, and remediate such a situation, and not on whether they use the correct preventative measures originally… What happens afterwards however is another matter. They should be pro-active in trying to stop it happening again.
        However, I know firms who are pretty well protected and still get the occasional virus outbreak. It’s a fact of life, and it is a matter of containing it rather than letting it grow too much.

        • #3056103


          by jdmercha ·

          In reply to Experience Hard to Find

          Experienced employees who really know what they’re on about are easy to find. But they are hard to recognize and don’t get paid enough.

    • #3066568

      The public is not always notified

      by andeanderson ·

      In reply to Why are heads NOT rolling?

      of what actions have been taken as a result of an infection.

      Many corporations prefer to keep their activities from the prying eyes of the media and public and so maintain their image of being clean and in control.

      There are many empolyment contracts with separation guidelines which would leave the corporation open to litigation if they announced that Mr./Mrs./Miss. Applegate was removed from employment because they introduced a virus into the companies computer network, either by accident or as an oversight. So, unless there are criminal charges filed the information will never be made public.

      “Public Image” is very important and as the Japanese Culture has taught us “Saving Face” is one of the most important activities a man or corporation can accomplish.

    • #3067889

      Analogy to Human Immune System

      by sean_tan ·

      In reply to Why are heads NOT rolling?

      Juz like our immune system, there is no foolproof evidence dat we can take on new viruses or pathogens. Computer viruses were introduced round-the-clock esp. with Internet connecting the whole world together. Most of the times the new viruses infect the companies even before the patches, firewall or anti-viruses are ready. The root of the problems are from those virus-creators, their heads should be chopped instead.

    • #3067886

      roll the heads

      by bob_steel ·

      In reply to Why are heads NOT rolling?

      I couldn’t agree more. Basic hygiene and security controls are all
      that are needed – if an IT pro can’t get that right they should be
      encouraged to take up a different career.

    • #3067883

      Why don’t corporations sue for defective products

      by douglasjohnledet ·

      In reply to Why are heads NOT rolling?

      The bigger question is why don’t corporations sue Microsoft for “defective” products, i.e. MS Windows and it’s known defective security holes.


      • #3056504

        no cost analysist

        by pcteck ·

        In reply to Why don’t corporations sue for defective products

        Only once can I remember anyone asking, “how much did this virus cost us?” When we told them and it was like, “ok”. We suggested what was needed to help lower the risk but the bean counters said “to much money at this time” Do they think it will get cheaper as the threats get more powerful? I agree that as long as it goes away everyone is back to business as usaual. Bigger penalties for people caught writing virus. Doesn’t happen very often though.

        • #3047057

          Cost-analysis should be in their face!

          by 0troy ·

          In reply to no cost analysist

          You should be shoving the cost-analysis down their throat! They shouldn’t make it to their office in the morning before seeing the stomache-turning cost of the latest worm! That’s fodder for you to come back and say, “if you dont’ want to see these numbers, we need that new server” or “I need more help.” or “Patching is costing us a lot of money, we need to consider some drastic changes”

      • #3056439

        Did you read the EULA?

        by plumley9 ·

        In reply to Why don’t corporations sue for defective products

        You can’t sue Microsoft or any other ‘off the shelf’ vendor because the shrink wrap license you purchase (you do know you are not buying software?) includes limits on damages and NO promise of usefulness. For forty years the software vendors have massaged the laws so they are more protected than any other industry in the world. Your ONLY remedy (since the states and feds wimped on ‘monopoly’) is to STOP using the product. And if you whine loud enough you may get the license price back from a small company never from Microsoft. And technically in most states you can’t even sell the license to a 3rd party to recoup your losses.

        • #3056342


          by rzimmerman ·

          In reply to Did you read the EULA?

          This is the ongoing embarrassment in this industry that software vendors can’t warrant their products for “fitness for use”. One of the many reasons this industry has a major credibilty gap.

        • #3056197

          maybe need a legal test?

          by kblack1a ·

          In reply to Amen

          There is such a thing as implied warrantee of fitness in our system. I don’t care how creative the fine print gets, there is a certain level of usability the law requires in a product sold to the public. I’m not a lawyer, but our propensity to sue might create a nice opportunity to some enterprising law firm that would do a class action suit on the behalf of all us IT types that are put in a situation to fix problems that outside people are creating. It is like firing a bank teller because of a robbery. I agree that the Software houses need to spend some of their billions on giving us a good safe product instead of million dollar bonuses to the CEO’s (sorry Bill G)

    • #3067882

      heads are rolling trust me!!

      by eliad_08 ·

      In reply to Why are heads NOT rolling?

      well all i know is that all heads are rolling and IT’s and IS’ are doing their job(well most of them). but my point is that, IT’s are making a secure firewall, and using a perfect anti-virus, even releasing a memorandum on how to prevent virus /worm outbreaks, but unfortunately these office staffs or even the CEO’s are very stubborn and doesn’t pay any attention to these warnings, and still they download unwanted attachments, visit PORN sites, etc. why should they fire the IT’s if they are doing they’re job??? the truth is that, not all firewalls are that secure from virus/worm outbreaks, they cannot block downloading attachments from emails, and some anti-virus can’t even detect the newest virus\worm. it shouldnt be just the IT that is doing the prevention, the office staffs and CEO should be doing their share of work on this matter. in order to have an computer that is virus free you should follow these simple steps:

      1.) informing their colleagues about a new virus
      2.) they should’nt open attachments if they dont expect that or if its from an unknown sender.
      3.) stop visiting porn sites coz some of them has virus/worms.
      4.) always update your anti-virus from the internet so that your anti-virus should be able to detect the latest virus/worm.

      • #3056299

        heads are rolling – got a bettter idea

        by brain ·

        In reply to heads are rolling trust me!!

        I was able to attend a “Certified Ethical Hacking” class to get an understanding of how trojans, worms and vulnerabilities can be attacked, and I tell you now that the only way!!, ONLY way to prevent your self from getting a virus or to prevent getting attacked is to keep your computer totally off of EVERY network. No internet access, no network connectivity to any other device, no floppies, no cd’s or media that can be inserted into it, no phone lines into the computer.
        Firewalls are great tools, but all that does is slow someone down, it will not prevent someone who is determined on getting into your network.
        Reality says that that isn’t possible. Since that isnt going to work, you still need to have firewalls in place, both hardware and software version running, a constantly updating Anti-Virus software running. applying patches and service packs are a necessity – and need to be applied religiously (a very tough thing to get agreement on in management becuase of the potential to break home grown or old software). Tightly controlled Internet browsing software that is managed and maintained and using high levels of security should also be in place…
        there are many more things that could probably go onto the list… but End-User training can go a long way, if they know what is safe and not safe to do it may make our poor jobs alittle easier…
        i have not finished ranting..
        have a good day.

    • #3056503

      Cause the CEOs who

      by deadly ernest ·

      In reply to Why are heads NOT rolling?

      refused to fund the required equipment / software / work do not have to account for the non-funding to the share holders. Everytime I have seen avoidable damage done to a system it has been because higher ups have refused to pay for the needed work, in most cases the IT people kept their requests and refusals and thus covered their rear ends, and the people responsible were to high to get shafted for their stuff up.

    • #3056501

      Upper Heads Should Roll First

      by blastfurnace ·

      In reply to Why are heads NOT rolling?

      My head should roll IF I have the ability and authority to do what I need to protect the network.
      I ran a network for years before anti-virus was bought….. I do not hold the checkbook.

    • #3056495


      by bob ·

      In reply to Why are heads NOT rolling?

      It seems as if some people come up through the ranks of corporate IT and then forget their past.
      They don’t seem to remember how IT’s hands are tied, that there are many aspects of the job that management calls the shots, no matter how much recommending, begging, and pleading is done.
      Sure, fire all the IT. Then let those management types keep the patches, updates, and firewalls in place.
      How long do you think that will keep companies in business?

    • #3056491

      Chain of Ignorance

      by consultant-1 ·

      In reply to Why are heads NOT rolling?

      The problem may start with Lamers on the IT staff who don’t maintain patched systems, but they are enabled by IT management who don’t know that the machines should be patched. Then, the CIO’s bosses (who don’t even know what a cpu is) buy off on some spin by the CIO as to why their productivity was interrupted by a virus, and so the ignorance chain goes on…
      But why just look at virus attacks? I have had clents who are still using Win95 and DOS machines, and who had to be told why a more current OS was desirable!! This ignorance was from the techies on a 1000 node network!

    • #3056488

      It is opinions like these….

      by cyber_daddy ·

      In reply to Why are heads NOT rolling?

      First of all i will applaud your objectivity on this matter. It is very easy for onlookers to raise the question. But the reality of any security or general admin job in a technology environment is that a component of the job will always be “Reactive”. Companies will spend millions of dollars on “proactive” measures to prevent this, and some companies will spend even more money in reseaching these methods. We rely on these companies to advise us on How we need to protect ourselves and only to the extent that they have mechanisms to make us more proactive (i’m thinking patches and virus definitions here), we are only as proactive as they are. And so are the heads we are quick to put blame on….

      • #3056387

        Management & Admin problem

        by it security guy ·

        In reply to It is opinions like these….

        And there is the fact that it is not the fault of the Admins who don’t patch. Operations Management must be on board and give approval. But if their management says no and/or doesn’t provide funds to keep up-to-date, then the environment will suffer. It is also true that not all environments can be updated because of the custom code being used, although there are perimeter protection schemes that can be implemented. It should be the top management who is made aware of the consequences of not patching, etc and it should be they who pay the price if they don’t allow their managers and staff to stay ahead of, or at least on top of, the latest security developments. Having patching policies that management agrees to is a start.

        • #3047055

          Make them accountable

          by 0troy ·

          In reply to Management & Admin problem

          Just hold meeting after meeting or post agenda item after agenda item to talk about the need for AV, patching, more IT help, etc. Then when something goes bad, either they will realize that they really need it. Or you will have a stack of papers that says that you’ve brought this to their attention over and over. If they don’t care, go above them. Eventually you will get to someone who truly cares about the well-being of the company!

    • #3056480

      Give me a break!

      by mikeholli ·

      In reply to Why are heads NOT rolling?

      fcleroux, let me explain something to you. Virus
      control is….iffy at best, when we have to
      deal with hundreds or new viruses, trojans
      keyloggers, etc. It is NOT possible, even with
      keeping your .dat files updates daily. Even with
      McAfee’s Emergency Responce we can only fight
      with the tools we have available. Firewall protection? HA! Enduser signup for all sorts of
      crap that get them emails with attached viruses,
      etc on them! There is NO real WAY to prevent it
      from occurring. We can stick a bandaid on it.
      In the form of a Firewall, and Anti-Virus
      Protection, but unless McAfee or Symantec have
      .dat files for viruses that aren’t even here yet
      (magically) we cannot stop it from happening,
      only try our best to contain and repair it.


      • #3056453

        New tools are out there….

        by eric.hayes ·

        In reply to Give me a break!

        Check out Cisco Security Agent.

        They market it as a “Day Zero” defense program. It prevents certain types of behavior in an executable, rather than protecting by scanning file names like most AV programs. The idea is that you don’t need an updated .DAT file to detect a malicious program. We recently purchased it and are in the process of rolling it out.

        Nothing is foolproof, but when AV, FW, and Patches don’t seem to be enough…..this product should help.

      • #3056292


        by fcleroux ·

        In reply to Give me a break!

        Mike, you didn’t need to “explain” that. Yes I know that!

        You missed the point. If you read some of the replies you would see that several companies just recently got Anti-Virus Protection. Many companies still do not have firewalls, MANY companies do not have Anti-Spyware programs in place.

        The question is not about what happens IF you have everthing in place and you still get a dissaster, but rather why is someone not fired if they have not put everything in place.

        These companies (as mentioned in some replies) that just recently got Anti Virus sollutions installed – should somone have been fired if they had had a major Virus outbreak before the AV systems were in place. Do you think that an IT manager is doing their JOB if they do not even have a Firewall in place or Anti Virus software installed in this day and age.

        • #3054904

          Not to mention..

          by eduslave ·

          In reply to Mike

          I work in K-12 education, and on top of the “management doesn’t know,care,understand,etc.” problem there is the major contributing factor of under-funding by government. For example, in our schools probably 70% of educational computers run Win9x. Not because we don’t realize it should be long gone, either. Something like 92% of the budget goes to salaries. That leaves very little for everything else, so upgrading/replacing several thousand computers is NOT going to happen quickly even if all levels want it done. This summer we replaced about 500 of the oldest machines with used machines from a broker. 2500 to go. We do have pretty complete anti-virus coverage, but firewalls for our schools are still out of reach.
          So now who do we blame? The ministry, the politicians, the economy? In the end it comes down to everyone doing the best they can with very limited resources. We have been hit in the past, and as others have said, we get down to work and clean it up, and try to learn from it. Sure, we keep pushing management for more resources, and if we get some, that’s a bonus. The hardest thing is not letting it eat you up.

        • #3054893

          Linux in Education

          by lordshipmayhem ·

          In reply to Not to mention..

          One of the advantages of Linux is that even the newest kernel can still work on remarkably ancient hardware.

          Here’s a story about an elementary school in Winnipeg that converted to Linux, with the assistance of the local LUG:

          From the article:
          “Cory Oldford is the vice-president of Prairie Linux User Group and manager for a remarkable community project in Winnipeg. His group was approached some time ago to switch a lab at a local private elementary school to Gentoo Linux. The lab consisted of about 30 workstations ranging from a P75 with 16MB RAM to a handful of PIII 667mhz with 128MB RAM. The machines were constantly plagued with issues caused by hardware failures and outdated operating systems and software.”

      • #3056161

        Dead Wrong, Mike.

        by mr l ·

        In reply to Give me a break!

        Sorry Mike, but you (and every other IT wonk who says it’s inevitable that your shop will get hurt at some point no mater what you do when you get infected/compromised)are dead wrong.

        Appropriate firewall rules, appropriate AV at the server/desktop/mail gateway, appropriate mail server policies, AND making damned sure that when MS releases Critical level patches they get on your systems in a hurry WILL keep your environment safe. NOTE that I did NOT say no one would ever get infected…we can’t protect the laptop that some user took home last night, got 0-day’d, then brought in and put on the network. But IF we have patched, and we have good IPS/IDS rules, good statefull firewalls, up-to-date patches and AV signatures…guess what? One or two infections do NOT take the company down..they are isolated, contained, controlled.

        Mr. Cleroux, I have the this repsonsibility at a 10+ Billion/Year firm. If I screwed it up badly enough that my corporate office got taken down (when I was not refused permission to patch against the vuln that got us)…I should be fired. Period. It doesn’t have to happen.

      • #3053840

        Human errors

        by pineapplebob ·

        In reply to Give me a break!

        Why do Doctors not get fired or licensed revoked for killing people? How abotu engineers and Architects who make bad design decisions?

        Simple, it boils down to we are all human and thus make mistakes. If you have never made a mistake, you have done nothing in your life. Anyhow things happen, you atay on top of it as best you can, but you cannot win every battle.

        Perhaps the OP should be fired next time he makes a mistake. Duh!

    • #3056474

      Cover Your Donkey

      by samuel.custer ·

      In reply to Why are heads NOT rolling?

      Any up to midlevel manager that is worth his salt has dossier on everyone in sight, and also it would be a bad reflection on any company to admit that tht uper to mid level managment is populated with people that don’t have a clue, but depent on the peons that they sweep out with impunity.

    • #3056473

      Pretty proud of my corporation..

      by damunzy ·

      In reply to Why are heads NOT rolling?

      I am pretty proud of how the corporation I work for faired. It is a large corporation with over 100K employees distributed all around the world. It was reported that 95% of our systems were patched and uneffected – not a bad number! 100% would be nice but 95 is nothing to scoff at.

    • #3056467

      Darn if you do!

      by dmullins ·

      In reply to Why are heads NOT rolling?

      If anyone should already know you don’t just throw any/latest updates on your server with out first testing them. I know we had several application that whould only run on NT4 SP3. If we were to update the system the application would crash. It takes time to test updates, while sometimes there is only a small window when a server can be taken offline to do such maintenance, and still sometimes you just can’t do it.

    • #3056450

      Reply To: Why are heads NOT rolling?

      by tonythetiger ·

      In reply to Why are heads NOT rolling?

      Why aren’t bank guards fired for robberies?

      • #3056284

        What kind of comment is that?

        by fcleroux ·

        In reply to Reply To: Why are heads NOT rolling?

        If you read the dicussion you would see that we are not in favour of firing everyone that is involved in a Virus Outbreak.

        Managers, IT people that are all doing their best and have taken precautions should not be fired! But what about the few (some comapnies still do not have Anti Virus Software and many more do not Have firewalls and Anti Spyware) that are not doing their jobs?

        Would you fire the Bank Guard if he had left the building to go for a beer or was sleeping on the job when the robery took place??

        • #3056198

          Reply To: Why are heads NOT rolling?

          by tonythetiger ·

          In reply to What kind of comment is that?

          Just that, despite best precautions, malicious stuff still happens. Antivirus code cannot be written until the virus appears, leaving a window of vulnerability. The same with O/S updates. Most vulnerabilities are discovered by good intentioned people, but we don’t know of ALL are, so again with the window.

          I am all for getting rid of employees who are failing in their individual responsibilities, but I’m afraid that, with all these recent scares and outbreaks, that management’s expectations as to what is and isn’t foreseeable (hmmm, I should probably run that past the spelling people in another thread :)) may become unreasonable.

    • #3056449

      Blame the criminals

      by rope ·

      In reply to Why are heads NOT rolling?

      If these crimes were equated to a home invasion crime with the equivalent pain, suffering and dollar loss the criminals would have a huge number of law enforcement personnel on their tail. If a criminal break?s into your house and you have reasonable security are you to blame for the damage? If this break-in had the dollar amounts that are talked about here there would an international manhunt for the crooks. With the sum of pain, suffering and dollar loss from these crimes, the punishment and law enforcement should be the same as in the home invasion crime. Why is the blame for the crime being place on the lock & door makers and installers or the transportation used to get to the home that the criminal is invading?

    • #3056438

      No heads rolling = gross mismanagement

      by davidives ·

      In reply to Why are heads NOT rolling?

      I recently left my CITO position and returned to academe to teach (a course in Cybersecurity, among others). As I told my class 2 days ago, the fact that no one in IT/IS or in upper management has been fired for their gross incompetance and/or dereliction of duty — and for putting *our* data and information at risk, at that — indictaes that ignorance and mismanagement is indeed a powerful force. It looks like all of us had better plan on defending our information and identities for decades to come; there is no indications that corporate or governmental America knows what it is doing, or knows what should be done.


      • #3056279

        Thank You!

        by fcleroux ·

        In reply to No heads rolling = gross mismanagement

        Here here! This is exactly why I asked the question and this is exactly my point.

        I have seen the worst corporate IT disasters happen because of incopetence and not one person was fired.

        I now do Consulting and two or three times a year I still run into Law Firms that do not have Backups!!

      • #3056210

        Those Who Can’t Do Teach…..

        by nottheusual1 ·

        In reply to No heads rolling = gross mismanagement

        You were CITO. Were you unable to effect change in the organization? You did them a favor quitting. Be sure to taint your students with your personal vendetta drivel.

        • #3056154

          Here’s a cookie…

          by mr l ·

          In reply to Those Who Can’t Do Teach…..

          …now take it and go away, troll. Noether of your comments in this thread have any practical value, so kindly wander off and so something usefull. You obviously have issues with anyone in an authority position (past or former), and I’m really very sorry it’s affected you so personally.

    • #3056433

      comparative analysis..why shoot the mechanic?

      by jck ·

      In reply to Why are heads NOT rolling?

      Expecting management to fire IT/network support techs for non-obvious network and computer (OS/application) vulnerabilities would be akin to expecting your automotive repair provider to fire any mechanic who didn’t know your car was going to break down ahead of time.

      I disagree with your analysis that many of the virus outbreaks being “… having almost ALL been preventable.” Most virus hits are not preventable until reported and patched.

      I do agree that IT should be held responsible for incompetence. I worked at a multi-practice medical firm where the IS manager was in charge of server and network security. This guy (a former manager at Microsoft in Redmond) didn’t even have a firewall on the high-speed link coming into our network. Subsequently, we were infected with Code Red (and other subsequent attacks) long after it’d been patched. He, due to his non-diligence to secure private medical information, should have been relieved of his duties. If HIPAA had been required at that time, he would have put the firm at high-risk for law suits due to the requirements to anonymize and secure private medical information.

      However, he wasn’t. Probably because he’d entrenched himself as the one “all-knowledgable” person in relation to all the systems that we had online. The company was probably afraid to be rid of him because they wouldn’t have someone to maintain what they had.

      I agree too that, if protection is requested and not approved fiscally, higher-ups should be held accountable for not protecting company assets.

      I can honestly say…I’ve not had a virus scan program installed on my machine in *years*. I have a good firewall program and I have a good practice of *never* opening an email from someone I don’t know…and I don’t use the Microsoft Office suite because of inherent vulnerabilities in their architecture with respect to their interoperation.

      Nonetheless…blatant incompetence and negligence should be grounds for dismissal…not malicious activities of techno ilk.

    • #3056423

      How About a Bonus

      by dweeks ·

      In reply to Why are heads NOT rolling?

      How about a bonus each year for those IT personnel that keep their system virus free. I know, I know, we’re just doing our job.

    • #3056422

      They can be

      by mattk ·

      In reply to Why are heads NOT rolling?

      The problem is complex. First, IT personnel are hard to replace. Once you have been in a company a while, the IT infrastructure starts taking on a personality that is unique to the personnel. It is hard to find someone that can step in, step up, and get the job done. Second, Senior Management will not be fired. As a group they do not know how or why IT works. Poor decision making is hard to prove. Third, companies do not view IT as a business process. IT is an expense. If you asked a corporate president under what grounds he would fire his IT manager, he would probably not be able to answer the question. In reality, the answer is the same for all managers. Negligence, incompetance, and outright stupidity are hard to prove against an IT staffer… it is too easy to make an excuse for something going wrong.

      Where I work, my manager hires newly trained people, who have tons of certificates and diploma’s but less time in a server room than they have in school. I have more experience based on time alone than the rest of our four man department (been in IT since 1984), including the manager. I get paid less, do more, am called upon most often for difficult projects, and if something goes wrong, blamed first because I do not possess the paper. Our back up system has been failing for over three months. We have not had a good, complete back up for ninety days. I tried to talk to the manager about it and his response was that he is waiting for a new tape unit to be delivered before he takes action. I documented my concerns in an e-mail to him. I was advised that it is not a problem, and that I needed to remember who made the decisions in the department. I have a hard copy of that e-mail. We have already failed to provide restored files from back up on two occasions. I am waiting for the other shoe to drop as our drive arrays are having problems too. We are supposed to be a “minimum hard copy” company. Everything is on the network, and none is backed up. How can he get away with it? Nobody asks the question. If they do and they get a straight answer, he will tell them the new tape array is on the way. They will probably buy the story.

      I have my hard copy.

    • #3056421

      what world

      by jsullo ·

      In reply to Why are heads NOT rolling?

      What world are you living in? I have been in countless IT shops over the years and in many different positions and often everyone knows the vunerabilities but because of budgets, understaffing, vacations and all the other things that eat up time in the work place, i.e. new projects that are must haves. Which tend to come from non-technical people. These are all reasons stuff happens. I personally have been lucky not to have had any really major things happen but I do see how things that should be done to prevent get pushed aside in the course of normal business. So being this is the case who do you fire the CEO, CIO, Network Manager, Applications Manager, Technicians, who? You might say all, I would say get the company to rededicate themselves to protecting the network the way they should but then again if the money is not there then what is there to protect the files of a company in bankruptcy. You gotta have some real perspective on this. There are many things involved in failure so roll heads if you want, I’ll concentrate on helping the company make money so we can use it to protect the systems.


      • #3056388

        Fire everybody?

        by pcpapa ·

        In reply to what world

        I agree. People will make mistakes. The best solution feasible under the circumstances is not always the best solution. Where do you place the blame? Fire the techies for not doing the work? Fire middle management for not overseeing their operations better? Fire upper management for not allocating funds? And what makes you think the people that will replace them will be any better? Maybe you should just scrap the whole company and start over. The reality is that even if you do everything right you can still suffer from security issues, attacks, viruses, worms, etc. Sally Sue may still download a kiler virus and pass it around. Billy Bob may still find that website that introduces something undesirable to your network. You prepare the best plan possible and react in the best manner possible. You can’t throw the baby out because the bath water is dirty and not bathing the baby isn’t an option. 🙂

      • #3056307

        Good points, Mr. Steinbrenner

        by der tommissar ·

        In reply to what world

        We’ll get right on that.

    • #3056417

      I dont understand either…

      by tony.savoie ·

      In reply to Why are heads NOT rolling?

      Our WAN is made up of multiple domains. Each one with thier own set of admins and techs. My domain was the ONLY one not effected by the recent outbreak of Zotob, or any other outbreak I can remember.

      Why? Because the techs and admins on our domain did thier job. Systems are always patched, virus patterns are up to date etc.

      Zotob caused days of downtime at my company. All due to incompetence. Heads SHOULD be rolling, I dont understand why they’re not.

    • #3056413

      Masters of the unkown

      by lanman235 ·

      In reply to Why are heads NOT rolling?

      Being the manager whos head would roll can only say this. Middle and upper management have no idea what the IT departments do. The have no idea what it takes to keep they systems running or what it takes to fix them when they’re down. They only know we re there when they need us and invisible when they don’t And that they have the toys they want when they want them.

    • #3056409

      Loaded Question

      by craig_b ·

      In reply to Why are heads NOT rolling?

      Your question sounds like one that’s loaded and is aimed at shaking things up, however I’ll play along.
      I think you have to look at the entire system and not just try to blame someone. Yes everyone should be held accountable. I could ask, why don’t we take to justice the virus writters, or the software vendors that allow the security bugs, or Company Mgmt, or the IT dept, or the end users, or …
      The entire system needs to be worked on and improved. However Security is a double edge sword, simply disconnect your computer from the network permanently and you’ll greatly cut down on security risks but that makes it harder to work with others. The point is their is always a cost vs risk factor and finding the right balance can be tricky. So I would recommend that you work on fixing the problems, instead of just trying to blame someone.

      • #3056364

        Great Thought

        by tnc123 ·

        In reply to Loaded Question

        Yes indeed why on earth no one blames the computer guy. It must be strictly followed that if a virus or hacker attack happens in the company IT department must be held responsible.

        I would think there must be some rules made and a code of cunduct must be formed relating to this


      • #3056211

        Reloading the loaded question

        by vigilanti.x ·

        In reply to Loaded Question

        All this finger pointing at IT has the same effect of a dog chasing its own tail, there’s a lot of movement but not much is getting done. What ceases to amaze me is WHY should we need Anti-Virus/Anti-Spam/Anti-Spyware at all? The only people who should get fired and imprisoned, (I’d prefer something more but I’d like to remain out of prison myself) are the SOB’s that write/distribute/encourage these malicious programs. Having been involved in technology for some time now, I’ve watched as the internet has engulfed our networks and stand alone systems by the Hackers, crackers, “truth-seekers” and corporate greed (Who pays for all that spam and spyware? not to mention the hardware and bandwidth costs). We are essentially going after the cure and not the cause with this type of mentality. Sure, let’s blame Microsoft for developing and marketing a OS used by nearly 90% of the computers on the planet. But name another OS that will generally run tens of thousands different manufacturer’s hardware devices (Who makes MAC’s?….only Mac makes MAC), runs your outdated and obsolete software, and is fairly stable if people weren’t taking pot shots at it 24/7 (in the form of Viruses/hacks/spyware/exploits etc..)I’m trying not to turn this conversation into a Windows rant but if I were a Soldier (and I was)and I was facing the enemy, I would feel much better if there were only one or two of them. I probably could manage to stay out of harm’s way. But in Microsoft’s situation, there are literially millions taking shots at their OS, and without a doubt, they’re going to take hits. So who’s to blame? The one getting shot or the person who fires the gun? We need to become proactive against the “Criminals” of the technology world. This is the root of our IT problems at it’s very core, not some poor Network Administrator who is trying to keep his head above water. Thanks for letting me vent (I’ll take my soapbox with me)

    • #3056406

      Got your Back, Cover MA-

      by johanncox ·

      In reply to Why are heads NOT rolling?

      When the heads use money or time as factors to deny obviously needed preventive measures, because “it has never happened to us” syndrome, they tend to quickly rally around each other.

      They may also blame the IT crew unjustly. But, would not fire them, since the IT member(s) had already addressed the issue before it crippled.

      Yes, DOCUMENT all conversations and suggestions!

      When it comes to management cover each others back sides, it can be vigorous and zealous. When one starts to hit the slippery slope, others tend to follow.

      When it IS the negligence of the IT member, sure, they should face the piper, but maybe not the hangman.

    • #3056403

      SOP is why

      by ·

      In reply to Why are heads NOT rolling?

      Larger corporations have the policy of NOT changing any thing until they have verified all the ramifications of what the patches COULD break, rather than look at what could happen by it NOT being patched. They can spend weeks months and years trying to evaluate a program or patch and there are places that have not even adopted XP service pack 2 yet, because it causes too many problems with the users.

    • #3056378

      Reply To: Why are heads NOT rolling?

      by the admiral ·

      In reply to Why are heads NOT rolling?

      I can give you one good reason. If we fired everyone once for what they do, then we would have a turnover that would make a standard helpdesk with a turnover of 400% look like the Miss America Pagent.

      The fact of the matter is that, and this is a point that I drive home, if we are not going to enforce the policies that we are putting into place, then testing patches and virus updates and duplicating infastructure is a waste of time and money. Let alone, I think it is a waste of time and money to duplicate effort in the first place.

      That is why heads do not roll. Eventually, you kick the dog enough and it will turn on you. You don’t want employees telling executives to get rid of the IT department if you rely on them to ensure your systems are running.

    • #3056367

      Reply To: Why are heads NOT rolling?

      by mvierling9 ·

      In reply to Why are heads NOT rolling?

      I think one of the major reasons that “heads not rolling” is because IT departments for the most part are largely understaffed. I work at a company of 55 employees and I’m the entire IT department (IT director, IT manager, help desk, network administrator, telecommuncation expert). When IT departments are continually being reduced, something has to give, and that is what we’re seeing here.

      • #3056259

        A Good example

        by fcleroux ·

        In reply to Reply To: Why are heads NOT rolling?

        OK, you are a good example of what I am getting at.

        It is your job to know about threats out there, specially the bad ones.

        Now, lets say you get an outbreak. Management deems thats it is because some patches were not done but that was because you being by yourself did not have the time to do it all, you DO NOT GET FIRED. Great.

        On the other hand, if all along you had not ever suggested that they needed Anti Virus SOftware installed, and then got hit by a Virus. SHOULD YOU BE FIRED?

        If you suggested that they have Anti Virus Software and explained to yout middle management boss that they could loosed ALL their DATA and that three days of production could be lost, but he decided NO we do not need to spend money on something as frivilous as Anti Virus Software. Should HE be FIRED if there is a dissaster??

    • #3056365

      What are you, the Queen of Hearts?

      by saintgeorge ·

      In reply to Why are heads NOT rolling?

      Off with her head! Off with her head!

      If you fire somebody on auto every time something goes wrong, you’ll be soon working all alone, and you’ll have to fire yourself because you will be the one resposible of creting a Gestapo office environment, of having everybody more interested in covering their own asses than doing a good job and, in the end, of depleting your workforce.

      Even if the guys only resposibility was to keep up to date with every single security nuance that keeps popping up every day – and it is definitely not – mistakes are something to learn from. Of course, if somebody keeps making the same mistake over and over, then HE is making the mistake, not learning, and will have to be laid off so he will (possibly) learn something.

      More often, punishment will come from other directions. No bonuses, no promotion, less confidence in that person. Things that will make him or her work to be better at his job.

      In the end, management decisions do not follow a binary pattern, on or off, good or bad, do-everything-right or i’ll-fire-your-sorry-ass. If you ever make management level, you’ll learn that. Of course, it can always happen that you are so set in your ways that you won’t learn ever and stay where you are.

      Myself, I’d rather fire a low level employee who spends company time playing solitaire or second-guessing managerial decisions..

      (Any similarity to actual people is purely coincidental. No offence is intended but you can inferr what you want.)

      • #3056351


        by montgomery gator ·

        In reply to What are you, the Queen of Hearts?

        The original poster’s suggestion would create a paranoid environment where people would be afraid to do anything proactive because they are afraid they will get fired. Similar to the Royal Navy in the 1700s when they hanged some Admirals to encourage others to do better.

    • #3056349

      Are you all idiots

      by tewman2 ·

      In reply to Why are heads NOT rolling?

      Today in the tech world, there are always incompatibilities from one product to the next, when you fix one, another one doesn’t work correctly, or vise versa.
      Managers, although many don’t understand technology, they do understand that the techs they have are the most familiar with the network they have. The techs know what works, or what it will take to change it to make something else compatible. If they fired a tech because of an issue as such, they would pay a lot more for someone else to come in and figure out what the last guy did to get it set up. Sure the new guy could tear it apart and rebuild it, but that would probably cost more valuable downtime.

      I am a firm believer in using the latest patches, having everything to the latest patches. However, it takes time to test everything to make sure it?s going to work before pushing it out to the production floor. Sometimes you have to wait for a software vendor to patch their software before you can roll out the latest Microsoft patch. Sometimes the antivirus causes glitches with the fileserver committing files to disk. Use your heads think about it.

      Did I mention that I am middle management

      • #3047265


        by pivert ·

        In reply to Are you all idiots

        let all my 2003 servers do an update and suddenly our document generation program cancelled. so this took 1 day to figure out. thank you microsoft.

    • #3056348


      by awfernald ·

      In reply to Why are heads NOT rolling?

      What I have observed that causes this type of problem is as follows:

      1. Lack of coordination between technical areas (i.e. desktop support and network support) due to a variety of reasons including:
      a) outsourcing of certain functions, especially desktop support;
      b) political in-fighting between different managers
      c) lack of documented savings for preventing the attacks vs. recovery from the attacks
      d) lack of appropriate testing environments/procedures for performing the constant testing required to stay “up-to-date”
      e) inexperienced technicians/administrators
      f) lack of time to implement solution due to too much time fire-fighting

      All of these can be overcome, but they require time, money or political intervention.

    • #3056347

      Same reason Microsoft isn’t fined

      by rzimmerman ·

      In reply to Why are heads NOT rolling?

      Cops don’t get fired because they don’t always catch the bad guys, especially if it is white collar crime like hacking. And Microsoft get’s away scott free for creating these holes in the first place. Most IT techs are very conscientious but there are only so many hours in the day, and too many other things to do. Management needs to be held accountable first of all for ensuring that sufficient resources and tools are provided to prevent this problem. Also law enforcement needs to hire more cops with the training to catch these idiots.

    • #3056345


      by tewman2 ·

      In reply to Why are heads NOT rolling?

      In one situation I was in, upper management believed in me, they had seen me work miracles with their dilapidated equipment. However they didn?t want to release the funds to get the equipment that they really need for everything to function, as it should. The backup system failed, costing close to $10,000 in downtime, and reentry of data.
      They knew it wasn?t my lack of ability that caused the problem. I had already proven my self. It was the equipment, this woke them up to reality, and opened up the budget.

    • #3056339

      Lets look at the real problem…

      by graphx ·

      In reply to Why are heads NOT rolling?

      After being in a high profile magement job as an IT Director for a local meduim size multi-specialty Clinic with 50 doctors for several years, I can tell you that the issue is not that the IT Department doesn’t want to put out the latest and greatest Anti-Virus, Gateway, Spyware software and tweak it to make it work. I mean really – how many geeks do you know who wouldn’t want to get their hands on tweaking a new server, firewall, or internet appliance and make it purrr. It has to do with a more serious issue that these departments are connected to.

      This entity being the Administration. I leterally had to beg for Anti-Virus for 2 years before Administration would cough up the funds to implement it. It took another year for spam and spyware appliances to be purchase because most of the time these guys only see the bottom line and the dollar signs attached to it.

      This is actually more serious then most take it. Not only is it an issue when you go to purchase software or hardware, but also in aquiring new hands (staff) to implement the new products.

      To much cutting corners and money saving ideas go in to effect by Administration, and since they are not versed in technology, I have seem most of the money saving methods for technology fail to save anymore money then just buying the product with no discounts or incentives and saving yourself downtime.

      No matter how many times I personally addressed this with Administration, they dismissed my view points and decided to do it their way. Of course this just meant that I had more work and they wasted more of the doctors money then they saved.

      As for the comment made about why don’t the VP or CEO heads roll if they refuse the purchase. Are ya serious? Have you worked in Coorparate America? Fact is that they have reputations, money, a name for them selves – but actually doing the job that they know nothing about and you want them to manage to fix viruses problems and spyware problems when they do not allocate proper expense money or resouces to the cause. Come on.. think.

      Thats whats up. Sometime the truth hurts!

    • #3056321

      Not a realistic statement

      by binarypc ·

      In reply to Why are heads NOT rolling?

      One of the major problems with this statement is that virus writers are smarter than you are giving them credit for. They are writing the viruses to use necessary ports to Windows communication. A recent outbreak at a company we service caused the company to request port shut-downs throughout the environment. When they were shut down, GPO replication via FRS could no longer function. SMB connectivity between clients and servers across remote sites were shut down. Lots of little things were impacted.

      In answer to your questions above, this large number of servers had virus patches and current OS patches. A full understanding of the viruses and what they are impacting is necessary before making snap judgements.

      Of course, you could go ahead and fire your whole staff, then you would have noone to keep your environment healthy.

      • #3056318

        Management’s Acceptable Risk

        by beads ·

        In reply to Not a realistic statement

        It all boils down to one of two things. One, IT was caught off guard or simply didn’t heed the warnings. Or two, Management did not percieve active network management as being a big enough priority. Either way its no way to run your IT shop.

        Firing everyone in the IT department over one incident would be a knee-jerk reaction. Now if this was an ongoing problem that happens more than has been recently reported it may be time to reasess your IT management in general.

        My gut tells me its really a combination of the two above and isn’t as black and white as it may appear at first glance.

        – beads

        • #3056290

          Fire Them ALL!

          by activated ·

          In reply to Management’s Acceptable Risk

          This is the attitude that deserves being fired, why? Because accepting responsibility for the job you are hired to do is BASIC to having the job to begin with.

    • #3056316

      Are you for real or just want an argument

      by bigmat ·

      In reply to Why are heads NOT rolling?

      I don’t know about your real world, but in mine there are all sorts of reasons the experts should not get fired.
      The biggest reason is they are the experts….
      Who are you going to get to do the job if you fired everyone that couldn’t react fast enough because they had to fix someones paper jam or whatever?

      The biggest reason experts do get fired is the ignorance of the people that are doing the firing.

      How about the constraint of budget or the time it takes to fix an outbreak . A case in point SQL slammer took 15 minutes to spread to 90,000 computers, most companies virus defintion updates are not that fast to download or react, let alone the people writing the protection definition files.

      How about the guru who has been struggling with finance department to buy a firewall device, only to find because finance management took 2 months to approve budget, the security of the hardware they put up in budget has been cracked by some virus scripting wizard and now needs more money to be spent to circumvent that risk, again another approval process.
      How about we sacked all the experts, all you’d be left with are numb-skulls, then see how many viruses are introduced into your organisation.

      Please remember we are only human so errors do occur, but on a percentage basis the statistic of error is very low.

      I find it could be possible to read between the lines of “fcleroux’s” thread one scenario I see is that fclleroux got fired for introducing a virus. Well I say if that is the case, don’t come to me for a job because I just don’t like your reasoning.

      I recently saw a presentation where a expert told us about an email that was sent to staff from the Techs advising them not to open attachments if they didn’t know who they were from. Half a day later the Techs sent out a bogus email from a bogus address within the organisation, 20 percent of the staff opened that attachment. The attachment reported back to the Techs as to who opened them. People are stupid, that’s they way it is.

      I probably have said too much, but please be honest with yourself…..

      • #3056291

        Liability On Top Of Being Fired…

        by activated ·

        In reply to Are you for real or just want an argument

        From a techie….If you dont defend the company as you should, you not only should be fired, you should be liable for damages as well.

      • #3056226

        Just an arguement

        by fcleroux ·

        In reply to Are you for real or just want an argument

        Obviously you have not read all the threads.

        My point is that sometimes people have been negligent in their duties. I have seen it from MIS Managers and Middle Management in the corporate environment.

        Now I do consulting. I usually get brought in to companies that have just had BIG disasters happen to them.

        If my job to find out the why’s, where’s, and how’s, what needs to be done to fix the problems and how to do it.

        Several times a year I see things like Financial and Legal companies without Firewalls, many without ANY passwords on ANY equipment, not Anti Virus Software. Very often these companies do not even have backups or very old and outdated backups.

        Sometimes this is because the IT people did not do their jobs, sometimes it is because middle management people did not think it important enough, but inevitably no matter how bad or how stupid (or negligent) the reason…. no one gets fired!!

        I have even seen a tech who had formatted C: /SYS on a system before he realized he was KVM’d into the server and not the workstation he thought he was on. Cost the company about four expensive days of several IT people re building their server before they could recover the DATA from tape!

        If I ever screwed up that bad I would probably resign before they had a chance to fire me (as I would expect them to).

        And, NO, I luckily enough never had a major Virus Outbreak anywhere that I have worked. Yes partly luck but mostly because of a little diligence.

    • #3056313

      Shit Happens

      by itguyy ·

      In reply to Why are heads NOT rolling?

      When the car breaks do you fire the mechanic?

      When the building catches on fire, do you repremand the firefighters?

      When you have eight PC support guys covering 12 sites over the U.S. encompassing several thousand computers, continuely cut the budget, redirect them to new projects on a monthy basis, provide no training and do not listen to pleas for increased security, updates and allow departments to install their own operating systems on a regular basis as needed….

      …Are you going to fire them for doing their best to keep up with virus writers who often have exploits out the day after the patches? Especially when several patches kill machines with non-standard installs?…

      …Is the CIO (Presidents) going to fire the managers he has driving PC support who are simply working as hard as they can to keep up with the CIO’s wishes and cost cuts?

      ..Is the CIO going to get fired for responding to the problem?

      Not in this reality. Everyone works overtime, you get over it, and buy beer afterwards. Divide and conquer and try to get smarter next time.


      • #3047051

        and **** rolls downhill

        by systemsgod ·

        In reply to Shit Happens

        It’s the classic blame game. Like my grandma used to say: **** rolls downhill.

        The board of directors asks the CIO why this happened and he blames the IT directors, who, in turn blame the IT managers who then blame the senior techs who in turn blame the junior tech who gets wrote up and prays for the day they hire someone he can blame.

    • #3056301


      by eddie15068 ·

      In reply to Why are heads NOT rolling?

      How do you know NOBODY has ever been fired? reads like you’re in the know. I’d like to know where you work so I can be completely incompetent & keep my job. Sounds like you have an axe to grind. BTW how’s SpyCatchers Alliance Inc.???

      • #3056285

        PS….CHeck Out the Profile of the guy that started this thread…

        by eddie15068 ·

        In reply to Nobody?

        He’s just throwing water on an electrical fire…

      • #3056215

        SpyCatchers Alliance Inc.

        by fcleroux ·

        In reply to Nobody?


        We do not know or assume that nobody has ever been fired. It has not been reported by large companies that they have ever held someone accountabloe after a large outbreak.

        SpyCatches Alliance Inc. is a new company that is being setup by a group of about 10 large corporate IT Consulting/Management companies in Western Canada that specialize in Disarter Recovery, Security, Anti Virus, Anti Spyware, Firewalls, VPN and such.

        It is forming the alliance to better help protect their own customers by join forces and sharing resources (and employees).

        This new venture has not only been succesfull already in its early state but also it has been profitable.

        • #3055943

          Sick of Vendors on these Boards

          by eddie15068 ·

          In reply to SpyCatchers Alliance Inc.

          I always check the profile when posting on these boards. This is supposed to be a free exchange of ideas. Next you’re going to tell me how your alliance corp will help me keep my “Networks safe & Virus free”…please you gouys only start these troll comments as a means to an end…to hawk your wares & services….

        • #3053784

          Hey bonehead!

          by fcleroux ·

          In reply to Sick of Vendors on these Boards

          First off, I have never trolled or done anything like that. Second I was only replying to the previous post because someone looked at my profile and “ASKED” about it.

    • #3056293

      Patches Not Current?

      by activated ·

      In reply to Why are heads NOT rolling?

      FIRE THEM ALL!!!!

    • #3056289

      We’re only as good as the products we employ

      by eclark ·

      In reply to Why are heads NOT rolling?

      Consider Cisco’s IOS code leak on the web. Consider the fact that some of the leading anti-virus vendors release new definitions once per week. Consider that many malware applications do not detect all malware.

      Are we to held accountable for the actions, or inaction of our vendors 100 percent of the time?

    • #3056288

      Fire all the police

      by d-joatmon ·

      In reply to Why are heads NOT rolling?

      It’s like asking “Why aren’t all the police fired that don’t catch every speeder on the freeway”. Put in place of “police” your favorite IT scapegoat. Put in place of “speeder” every single threat to an IT environment. Got a new radar gun… guess what? The same company that built that radar gun is the same company that builds radar busters. Anybody ever wonder why MS goes into great detail in their “Hey we found another problem with the security of our OS”? Seems to me that it would be smarter to say, “Here’s a patch we’ve fully tested, you need it, get it”. As opposed to, “If you really want to screw up somebody’s network here’s a basic map of how to do it” each and every time they post a security patch.
      It doesn’t matter how many police are on the road there will always be speeders. Unless you’re talking about an unfeasible 1 to 1 ratio it’s a never ending problem. One IT guy to handle viruses. One IT guy to handle OS patches. One IT guy to handle firmware updates. The list goes on and on. Then if that 1 to 1 police doesn’t catch his one speeder, then hell yes fire him.

    • #3056277

      Your profile states you have a management job?

      by cosburn ·

      In reply to Why are heads NOT rolling?

      The way your post was written is entirely designed to annoy and provoke a response. Congratulations…there are a lot of threads here.

      IT management at any level has a series of jobs (as I’m sure you know).
      1. Keep the company running.
      2. Manage your staff so that they can accomplish tasks.
      3. Manage you boss (or multiples of) to keep everyone employed and the budget to buy at least what you need.
      4. If you and the staff are lucky enough to have time and some extra budget, test-buy-deploy and remediate any problems you can that exist today. Very rarely do most IT people at any level have the chance or luxury to play on the future toys.

      I’m sad that you have the time to state that people should lose their jobs because of a virus attack and/or stating that the entire attack and downtime is a result of incompetence. Drop MS a line and let them know about a certain critical flaw called the OS…..they might care.

      People lose their jobs for a variety of reasons, but your post ‘is designed’ to state that you must enjoy the process. If someone must be fired, part of a layoff or ‘reduced’, then it should be for the correct reasoning and done with style and intelligence. The entire event is difficult enough, but I would love to hear you explain to any number of IT people that they just got canned because of a virus attack. How’s your reputation in the city you work in?

      The line of reasoning in your post reveals a severe character flaw and lends strong credibility to the theory that good/great management and leaders and born, not trained.

    • #3056247


      by toby ·

      In reply to Why are heads NOT rolling?

      The ever famous Some Other Dude Did It

      I know from personal experience that when a tech or an entire IT department gets caught with their pants down it’s oh so easy to just blame someone else.

      When I was a Jr. Tech many many years ago I actually witnessed the head of our IT department (fortune 500 company mind you) double talk the CEO into thinking it was HIS fault the systems were down and it was going to take him all weekend to fix the mistake and ended up getting a raise because of it.

      It’s really not that hard to blame someone else… so and so opened an attachment they shouldn’t have or simply check the CEO’s or CFO’s internet history and then make a general announcement stating that a certain site (one that shows up in their history multiple times) was to blame for the infection.

      Then basically all you have to do is sit back and watch the big wigs scramble to cover YOUR ass.

      It really is simply a game, those that play the best go the farthest, which is why most of upper management is more or less incompetent in many companies. They simply know how to pass the buck better than the guys below them.

    • #3056224

      you’re the only who thinks this

      by tc ·

      In reply to Why are heads NOT rolling?

      how about you come up with a single, simple solution with proper fw protection alone, or proper av protection alone, or os patches alone that can prevent these viruses?
      this simple solution should cover everything from servers, desktops, laptops and pdas/smartphones.

    • #3056213

      the best laid plans

      by joetechsupport ·

      In reply to Why are heads NOT rolling?

      The Golgafrincham coordinate the colour of the anti-malware strategy. Traffic light meters and colour-coded threat-status alerts are key when implemented with Visio flowcharts, Project tracking and Exchange reportage.

      Heads do not roll because everything is under control.***

      [*** Provided Blackberries remain functional: Dead Blackberries spell reorganisation.]

    • #3056206

      Will they fire you when…..

      by nottheusual1 ·

      In reply to Why are heads NOT rolling?

      … one of your customers steps on their johnson, whether you **actually** had anything to do with it or not? But, since you were unable to **PREDICT** everything that could possibly happen to them, aren’t you responsible? Even if they didn’t budget enough money/time? You should have known, right? Hmmmm….. Still feel the same way Mr. IT Exec?

    • #3056200

      Training costs

      by bhunsinger ·

      In reply to Why are heads NOT rolling?

      Funny no one here has mentioned the most important reason- IT security training. Even more important- non vendor security training. Look at this site- half the information is vendor provided- not exactly the most unbiased sorce of information. That’s OK here, it’s clearly labeled.
      But how do you make the case to upper management when all you have are what they see as sales brocures? (Yeah yeah, it’s a white paper. Sure it is. Printed on our very own printer’s white paper)
      Refusing funding for training is not, on it’s face actionable, since it is and investment, not a repair. Payig someone to learn how to spend even more money is even worse.
      Finally, security people are facing a backlash from y2k and the dotcom bust. “We just spent all this money and it still works great.” “They said we had to keep upgrading stuff or die, we stopped upgrading and didn’t die yet.” or the real issue “They said we had to do this for Y2K and they lied- we could have just patched – not bought new.” Any one out there who didn’t see Y2K as a reason/excuse to get everything they thought they needed?
      Chicken little, the boy who cried wolf. Bad training or vendor only training. They just want the latest toys to play with. Everytime they do one of their security thing it makes it harder for people to do their jobs. All of these things argue for the lack of funding.
      Few people get fired for not doing someing a subordinate asked them to do. their defense is simple – My boss said we had to live in budget-I said not yet not no.
      Risk management means the risks sometimes hit.

    • #3056196

      Heads *should* roll

      by doc ·

      In reply to Why are heads NOT rolling?

      I agree with this sentiment. But then again, who will be the arbiter of “was this virus/worm/malware truly preventable”. As you know, some are – simply by installing an AV program and/or keeping Microsoft systems patched/updated.

      But if we’re looking for heads to be lopped off, then why not take it a step further? Why not fire the bonehead decision-maker that decided to implement Microsoft enterprise-wide? After all, doesn’t this kind of poor decision-making warrant a good beheading?

      If heads are to roll, then let’s start at the top, and *then* work our way down. Firing lowly systems administrators is not quite as practical as one might think; you have to consider replacing all the beheaded system admins, which could be quite costly. Perhaps not as costly as the downtime caused by their carelessness – so the *real* fiscal impact should also be taken into account. Chopping an admin’s head off as a knee-jerk reaction makes about as much sense as the decision-maker blindly selecting Microsoft for the entire enterprise.

      So if your company or organization is “stuck” with a Microsoft-centric computing platform, then at least provide adequate training to those unfortunate admins that have to take care of this poor-excuse-for-a-computing platform.

      After all – if you fire all the Microsoft admins – you will have to retrain their replacements anyway. So providing adequate training to begin with should probably be the fist step, and *then* fire them for failing to perform up to corporate policies and standards if worms and viruses continue to plague employee’s neglected systems.

      -Rene’ Mente
      Neptune Consulting Group, Inc.

    • #3056183

      What do you base this info on?

      by sluster67 ·

      In reply to Why are heads NOT rolling?

      And how is it you know whose heads are rolling and whose heads aren’t? Maybe I am just dense, but how are you so in tune with the firing practices of the companies you are referring to? For all you know employees ARE being held responsible one way or another.

    • #3056179

      Right Between the Eyes

      by bill.affeldt ·

      In reply to Why are heads NOT rolling?

      So anyway this soldier is in combat and takes a bullet right between the eyes. Instant death.

      Does the family sue the helmet maker for not putting a bridge of the nose gurad on the helmet?

      Does the army fire the supply officer for giving out a helmet that didn’t protect the soldier properly?

      Is the captain who told the soldier to go left instead of right culpible?

      Is it the fault of the Secretary of state for sending troops without proper protection?

      Is it the presidents fault for misleading you into a war ?

      Or is it the fault of the SOB who pulled the trigger on the gun that shot the soldier?

      Or is it the fault of the leader who antagonized us into the war ?

      Protecting your assets is a war. There are casualties.

      So what you do is create an environment where honesty is rewarded not punished. You look at what happened and you put thing in place to keep it from happening again. It may be that the admin should be reprimanded. However it may be that the CIO should be fired for not explaining the risk of viruses to the steering comittee. It may be the CEO’s fault for rejecting a proposal because he was too stubborn to understand the risks. It might have even been a defective product.

      What is most irritating about this thread is the lack of attention given to the real problem. Stopping the viruses from being written and transmitted. People caught writing and distributing viruses should face VERY stiff penalties. They are liable.

      I hope that all of you who are so quick to fire someone for something that may or may not have been your fault … have something you are associated with break and your boss comes through with the broad axe.

      Do you really think that sysadmin WANTED ts ee a virus infect his system? Probably not. So take some advice: use the experience to learn how to prevent things. Get to the root of the problem and then make sound decisions based on root cause analysis.

    • #3056138

      There IS a point to this – not everyone is innocent

      by arjee63 ·

      In reply to Why are heads NOT rolling?

      C’mon – I can think of two distinct instances where IT knew the risks, was informed by other people of problems with their systems that spelled trouble, and chose to ignore it. Budget and time limitations had nothing to do with it.

      In one case, an “IT Pro” dragged his feet getting the corporate antivirus configured correctly. No one was getting their definitions. On top of that, even though they had purchased SMS, they weren’t using it to keep Windows updated, so no security patches were going through either. One particularly nasty virus disabled the entire network, and the support staff (who have no access to SMS or NAV administration) spent three days manually patching people’s computers. There was no budget or time shortage that caused this problem. The problem was just arrogance and laziness.

      Another one that happened more recently is a corporation whose internet policies were so unsafe that they had been repeatedly warned they were at risk by their antivirus provider. Their local techs had to boot computers from a floppy when they went down a few weeks ago.

      Sure, sometimes people’s hands are tied. But, sometimes, the people who have the ability, time, and resources to take care of these problems, just don’t, because they know they can fool their non-IT upper management.

    • #3056119

      400+ server 5 people

      by james schroer ·

      In reply to Why are heads NOT rolling?

      Think of this. There are 400+ servers that are supported by a team of 5 people. Everytime MS puts out a patch you have to go through the routine of testing the patch on a test enviroment from there you can deploy it. Now imagine that out of these 400 servers you have 150 different enviroments. SO you have to install this patch 150 different times test to make sure it doesn’t break anything then deploy it to the production enviroment. That’s what happens to the large companies. People get tired of doing this every month for M$ stupidity.

      Now on the other end of the spectrum. Imagane having 5 servers. Absolutly no test enviroment. One day you install this new patch and it KILLS your servers. How like like are you going to take that chance or take the chance of getting hit with a virus.

      It really is a lose lose situation. BUT there is an answer. There are product out there like one by Cisco call Cisco Security Agent (CSA) I’ve learned that this is a great type of product. Basicly you teach it what that machine is suppose to do and if it gets hit with a buffer over flow or something like that CSA will not allow it to run. You still end up with an infected machine but the virus/worm just can’t do anything.

    • #3056113

      On large corporations it’s a mess.

      by dsilva ·

      In reply to Why are heads NOT rolling?

      Sometimes on large corporations it’s a mess due to internal organization and policy.
      There are sites that have a good IT resources well supported by local management that can avoid troubles. Other sites without resources or resources with limited time(management can take IT resources focus to other less important subjects) and knowledgement can put their systems into real troubles.

    • #3056109

      The biggest reason>>>>>

      by mhambrecht ·

      In reply to Why are heads NOT rolling?

      Many companies have proprietary programs that may or may not be effected by updates, patches etc. So they have ordered their IT departments to thoroughly test all updates before applying them. This takes time and in the event of worms or viruses that is time most companies don’t have. This just sounds like an excuse but I would rather an unknown hacker be blamed for my network coming down and not me for applying a patch that brought down the ERP program my company is running and the patch blocked a port it was taking advantage of. It takes several hours for most Anti-virus companies to come up with a new definition after discovery and then your system needs to looking for the updates at that time. Most of this is all done after hours so as not to clog up the network with extra traffic. Mind you these are all just excuses but if upper management makes policy then the lowly IT techs must implement it. Firewalls are another issue entirely. Some mangement types want the firewalls to be less secure so that they wont be be hampered by it.

      • #3056090


        by mipsv ·

        In reply to The biggest reason>>>>>

        Don’t forget you generally have to have just cause to fire some one and being the victim of a “criminal” act is not justifiable. IE: You can’t claim much insurance if you blame someone. Now, it doesn’t mean that things will be all rosey for those in IT but generally managers look at this as “no press is bad press”.
        It would also mean a detailed blow-by-blow of company books, emails, and lots and lots of employees talking on the record. Then you would have to still prove that the attack was BECAUSE of someone in the company (they planned it) – an “inside job.”
        However, it doesn’t mean that an employer can’t find another reason to get rid of someone. Its amazing how important it can suddenly be to be on time everyday, for instance. So, senior managers might not go right away but his/her staff is slowly changed out.

    • #3056081

      Why aren’t makers of the software not being sued???

      by richdemars ·

      In reply to Why are heads NOT rolling?

      The makers of the faulty software should be getting sued for not doing the correct research and testing on their rush to market products. If a product is taking years to rush to market, then maybe it should take more years to correctly bring to market. If that is not financially possible, well that is to bad, that is capitalism.

      An IT shop cannot rush into patch management. Business does not run on operating systems, the applications that support business runs on the operating systems. Any changes to the any part of the puzzle must be completely and thoroughly tested to keep the applications/business running first.

      • #3054688

        Read the fine print on your software’s packaging

        by pretselz ·

        In reply to Why aren’t makers of the software not being sued???

        You can see a disclaimer specifically indicating that your use of the software indicates agreement to their disclaimer that they cannot be held liable for damages resulting to the use of the said software.

    • #3056044

      Get a grip!

      by dfarrich9 ·

      In reply to Why are heads NOT rolling?

      If you really understood your profession, you would know that nothing is guaranteed. Besides, what will be your explanation when your head is on the block after a “competent” hacker bypasses your protection and crashed your systems? It must be difficult living in an imperfect world.

    • #3056022

      Example of a broader syndrome

      by jimthegeordie ·

      In reply to Why are heads NOT rolling?

      In very large companies, there is often a disconnect between top and middle management, in that orders come down, but advice often never goes up. Sometimes there is a blocker because the nuts and bolts of IT (for instance) is not as sexy as M&A, Six Sigma or whatever the outside consultants are pushing as flavour of the month.
      Here is an example which while not directly related to this thread, shows what I mean.
      I used to work for Telstra, the biggest Australian telco as a contractor, looking after a system that ran their teleconferencing products. This was unusual as just about everything else was outsourced to IBM Global Services. Telstra fell out with IBM and a campaign started to “recapture our intellectual property”. One of the rules wheich emerged was “Contractors should not be in charge of major systems”. Our system was based on a dying technology and a new system was already in preparation. We expected to work another year and walk away after the new system was installed. However, we were told that our contracts were being terminated in favour of permanent staff. The problem was, no one in Telstra wanted the job. They therefore had to hire in two people and put them through all of the training courses. After three months, one of them could not stand the pressure and left.
      The point is that management edicts (which were actually good in principle) were carried out mindlessly because no one had the guts to stand up and point out that our situation did not fit the preconception. IT security is a significant expense, but there is little if any personal payback for the top management concerned, so there is often (but not always) a wall that must be broken through to push the message upwards. It takes a fearless senior manager to do that.

    • #3056020

      Narrow Minded!

      by yanipen ·

      In reply to Why are heads NOT rolling?

      As usual, I am late to join this discussion. Maybe I am the only one that is logged-in rigth night. Anyway, I will still say my piece.

      An issue just like this was brought-up in one of our company’s meetings a long time ago. We actually had a heated debate about firing people. That is what you call in your place “heads rolling”. But the HR and IT was against it. It is just being insecure, and narrow-minded, and having a false sense of security, and just being overly paranoid.

      So we ended-up with some resulotions and thus, it became one of our company’s standing policy. Like, unless the so called virus/worm activity was proven deliberate, the employee can not be blamed entirely for the havoc that will or can happen. If it was proven that it was deliberate, then the management can take action.

      It just means that things like this should be handled with care. I dont know about the place you are at, but it is entirely different from where I am.

      IT people should know, in the first place that our technology right now is not 100% fool-proof. Those that are in place, which I assume are being updated regularly does not provide all the guarantee.

      There a number of virus/worms, etc. that are being created every day. And a number of patches a few days after. We all know that new virus/worm is not yet recognized by security systems in place. Unless some security group has recognized the threat. So why put the blame on others?

      Again, I do not know how you do things there. But here, we tend to look at the bigger picture before we point things inside that picture.

      I said my piece. I hope this helps.

    • #3055976

      well the main reason….

      by marionuke ·

      In reply to Why are heads NOT rolling?

      The main reason it sometimes isn’t preventable is when you have a server that has been running with all the Software your bussness needs and has been there for quite a few years adding something as simple as a OS patch could screw everything up so most Administrators test the patches with the Apps the company uses on a seprate machine so that the company doesn’t have alost of downtime if the patch/update has a negative affect it’s one of the reasons Corps haven’t all switched to newer products ; reluctance. The bad thing about testing first is sometimes you get caught offgaurd when your still in testing and your whole network gets infected because the virus gets through your firewall in a email or other file a employee or Officer opens. So you see it’s not neglegence it’s that Worms move fast across the net and servers can be very figity and you have to test what your planning to use before you use it or you could cause irepriable harm. Here’s a example when XP SP2 came out it had such a problem with some firewalls that the OS would have to be reinstalled. That’s the reason Admins test first.

    • #3055912

      Corporation Issues

      by mikeewalton ·

      In reply to Why are heads NOT rolling?

      Our company network the week before last became infected with the ZBot virus. This was because our Windows 2000 was not patched with Service Pack 4. However, this was not because our IT guys are lazy, but because corporate had a problem with SP 4, because of Active Directory. So whi needs to loose there jobs?

    • #3053918

      Kind of like supply and demand

      by mjd420nova ·

      In reply to Why are heads NOT rolling?

      Todays market place is slanted to production, as
      that’s what earns the money. You only stop when you have to or if it doesn’t interfere with regular production. Providing an outlet to users who have the need to browse or play games
      means no need to do so during working hours and on production units. Diligence may sound as
      a strange term but keeps the bosses happy and workers working. Each day in the life of an IT
      person should be like a sponge and supervisors
      should know when they need to get wrung out
      and some even set aside to dry.

    • #3053718

      You may have to get your facts right

      by pretselz ·

      In reply to Why are heads NOT rolling?

      FACT: Virus writers are ALWAYS one step AHEAD of antivirus makers.

      FACT: There is still no effective anti-malware solution that can guarantee 100% protection against known malicious code or exploits

      FACT: Not all exploits get a solution within an acceptable timeframe

      FACT: There are AT LEAST 4 new viruses DAILY that comes out. This data is as of 2 years ago.

      FACT: Additional software in the enterprise = additional security exploits. (New firewall? New Proxies?)

      Expecting that any particular group in a company can foresee ALL possible problems(even to those directly related to their department) and provide 100%-effective preventive solutions is way too optimistic to the point of foolishness.

      Btw, how much do you spend per IT staff and per computer user with regards to:
      – Trainings related to IT security
      – IT solutions that implement IT security policies
      – Implementing multi-tiered, redundant anti-malware solutions

      You oversimplify the challenge of IT security.

    • #3053687

      Never that simple…

      by gometrics ·

      In reply to Why are heads NOT rolling?

      Some updates break critical applications and therefore cannot be installed. Antivirus programs tend to not work well together and consume significant computer resources and no one package catches everything. I suppose if an IT person was apathetic about the whole thing (took no precautions) then their head should role. But in my experience, the IT person/manager can be viewed as chicken little for pointing out threats (and needing money to fortify the system) until after something happens. So in this case who will you fire? The CEO or Owner? Usually won’t happen.

      It’s a game of $, it seems like nothing will be done until the damage is already done. Finally, there are cases where some manager or owner demands inappropriate network rights. Despite many protests from IT ultimately the boss wins out and can install all sorts of trash on their computer. In one case, an owner of law firm liked to go to chinese porn sites and when scolded by the IT person they laughed it off. Maybe large companies are different but this is the world I live in.

    • #3054771

      Reply To: Why are heads NOT rolling?

      by kevin.l.mousetis ·

      In reply to Why are heads NOT rolling?

      Well, for one thing depending on who you work for, there’s someone upstream who has to ok the patches before they’ll let them be installed. That’s probably to make sure the patch doesn’t k.o. an app on a thousand machines

    • #3047044

      Legal Ramifications

      by miles999 ·

      In reply to Why are heads NOT rolling?

      Just a thought here as I have only seen a couple of posts come close to bringing this up, that being the legal ramifications for firing IT staff because an infection got through. The IT person has nothing to lose at this point and decides to take the company to court for wrongful termination or something along those lines. During the questioning one of the attorneys asks if it is possible to protect against something not yet invented or think of every possibility needing protection. How can you create protection when you have no access to the source code? Even if you did, are you creative enough to think of all the ways to hack it? Sounds like we are now going down a slippery slope. I don’t know how a corporation could expect to win against this as blame could easily be spread to more than the IT individual. The only defense is to prepare for WHEN the hack occurs and make sure the disaster prep is good to go. Not trying to be a pessimist here but we should think of the legal aspects before we call for heads.

    • #3047037

      place the blame

      by wford ·

      In reply to Why are heads NOT rolling?

      sometimes, the inhouse our outsourced it staff suggests the proper protocols and policies, but the executive management does not go with their suggestions, despite the warnings. in this case, the executive management cannot hold the it staff liable. this is not always the case, and in a situation when the staff has simply been negligent of their duties, i agree that they should be replaced.

      • #3046927

        Pass the Responsibility

        by info ·

        In reply to place the blame

        Make the decision makers responsible for refusing your suggestions!
        Write down the threats and (if you have any idea) the downtime or data loss which may occur if the Worst Case hits you.
        Make your suggestion, tell them the cost and refuse further responsibility for the system if your suggestions will not be set up.
        Put it into writing.

        Will say: pass the responsibility to you seniors,
        most may prefer to spent the company?s money than bearing the blame. It may be THE ONLY way to argue into our CFO and CEO!


        Management by Terrorism:
        Set goals AND refuse means

    • #3047334

      Shoot who?

      by rm3mpc ·

      In reply to Why are heads NOT rolling?

      I’m not averse to blaming management for all sorts of problems.
      I dare say that too many businesses pay too little attention to
      providing a secure environment. But consider this: Microsoft
      comes out with patches all the time, and in the course of
      Microsoft taking care of Microsoft, they break things. Lots of
      times it’s third party things, like device drivers or applications. In
      fact, Microsoft sometimes breaks Microsoft stuff, too.

      So, do you routinely and religiously plop every patch from
      Microsoft onto your systems in the name of improved security?
      How do you explain to your customers (internal or external) that
      they’re better off not having access to that printe or scanner
      than not having access to their computer system?

      It’s the techies who are often reluctant to accept all the fixes
      from Microsoft et al. for the very simple reason that they need
      time and a sandbox to check out the integrity of these fixes. It’s
      time-consuming and costly, and with the accelerating
      development of worms and viruses (days, not weeks, from
      announcement of security hole to exploit), an almost impossible
      burden to meet.

      I’m picking on Microsoft (one of my favorite sports, I’ll admit),
      but by extension, I think the argument applies to the more
      secure environments like Unix and Linux, too.

      People use computers to get their work done, or for recreational
      purposes at home. They don’t want to invest time and money
      and mental effort to defend themselves every time they turn the
      thing on to write a letter. Techies should take cognizance of the
      wants and needs of their constituency.

      They should also take cognizance of the constraints on their
      management. Sometimes, those who sit in the corner offices are
      indeed idiots bent on making their quarterly numbers so they
      can move on before the deluge hits, but sometimes they’re
      trying to satisfy everyone while dealing with impossible
      constraints. Plan B is not only off with their heads, but
      outsourcing to some cheapo outfit that makes promises, collects
      revenues and moves on to the next sucker after their contract
      isn’t renewed.

    • #3047307

      Proactive vs REactive… and the real world

      by retroreformat ·

      In reply to Why are heads NOT rolling?

      It is amazingly easy to say anybody could be held responsible for infections showing up on any system.
      Even if a user can be tied to a specific breach of security there is no guarantee whatsoever that any given IT pro cannot be blamed for the existence of a minefield that is, in far too many cases, invisible by design.

      Its not as if an employer needs a real reason to fire you any more, is it?
      Armchair quarterbacks are cheaper than a dime a dozen, and when those who control your employability know less about the obstacles you face than you do, it is only normal for the uninformed (manager, supervisor, CEO) to summarily point a finger and fire anyone who cannot control damage said supervisor is already taking heat for.

      It is immaterial to the uninformed that even the original writers of the programs that provide so many expolitable holes and other assorted security problems don’t know they are there.

      Too many of these armchair experts refuse to accept or even acknowledge the architecture of modern software companies which use compartmentalization to assure that insider knowledge of a specific segment of any program does not completely compromise the entire suite.

      This is exactly why even Microsoft is left to reacting to faults it created on purpose, as opposed to preventing their occurance in the first place.

      When you have perhaps 3 people in a company who know ALL THE HOLES, you can better control what specific information comes out, and know exactly who that leak can be tied to, and if you split the suite into 15 different sections, each with its own little closet of secrets, it becomes almost a piece of cake to know who to sue when someone ignores their confidentiality agreement.

      With all the information that has come out about earlier redmond products for example, and their rather questionable practices regarding data mining and useage tracks, is it really any surprise that more and more cryptography is being used to specifically prevent any software engineer outside of the the original coders company from seeing what is really going on behind the GUI?

      At a MINIMUM they have a duty to their stockholders to prevent software privacy… If, however, they have somewhat more nefarious purposes in mind, such as providing a surrepititious and transparent surveillance system, they have far more reason to compartmentalise everything under the sun AND encrypt every function they can, as in XP.

      How is it even remotely possible for any IT department to find these holes in the midst of day-to-day business when even the original writers are most often notified of them months or years after a product has already hit the street?


      If your organization is not specifically in the business of reverse engineering and hacking code written and encrypted by others, you have no hope of seeing the writing on a wall that is invisible by design, unless you stumble upon it, and then have the time and resources to examine it.

      I would suggest every IT pro on the planet immediately start finding and archiving each and every instance of what I refer to above, just to be sure you can adequately defend your positions to those above you who may well be unaware of the facts.

      I would even go so far as to blatantly suggest that this question even coming up is a shot across the bow of your employability when companies everywhere are looking for an office to which one can assign BLAME, where hackers and other operatives remain far too unaccountable for the liking of stockholders and insurance companies.

    • #3047274

      Why no increase for preventing attacks.

      by gprinsloo ·

      In reply to Why are heads NOT rolling?

      The IT department is like a soldier at war. He fights to the death and should only be transfered or killed.

      Sometimes issued a medal or award but paid for success NEVER.

      Bottom line, it goes with the job.

      If yes.. Fire them.

      If no .. Leave them be and work.

      If Maybe .. Leave them be and work.

      Otherwise Truth be told, dont mess with them they are mostly unsociable creatures who live to work not WORK to LIVE.

    • #3047235

      I was prepared

      by master3bs ·

      In reply to Why are heads NOT rolling?

      I was just hired prior to the latest worm attack. One of the first things I did was make sure we had the patches necesarry and adequate security. The security was actually already in place, but the virus defs and patches needed updating.

      It should be a routine process.

    • #3047118

      The realities of the situation

      by server queen ·

      In reply to Why are heads NOT rolling?

      Look, I haven’t been hit with a major worm or virus since the loveletter.vbs – and that was quite literally my first day here. My first action in this job was to shut down email for two days when I realized that almost nothing here had any virus protection on it at all.

      We’re very restrictive on what we allow through the firewall, types of attachments, etc., that can go through email – and all we get is flak and bitching from the customers about how our “stupid paranoia” is “preventing them from doing their jobs.” But let me reiterate – we have not been hit with a virus since loveletter. Do we get thank-yous for protecting the enterprise so well? No, we get continually bitched at for being control freaks, and we get called into management meetings to explain why we don’t allow people to send 100MB files through email, or .exe’s, etc.

      As to patching – I do patches when I’m able to. I’m the sole admin for 150 servers, none of which can easily be brought down during regular hours. This is a school district, so I have more leeway than in a corporate environment, but I still have to wait for school breaks to do widescale patching, or else go through major negotiations for planned outages. And the servers here at the central office – well, these freaking people NEVER go home, so I just have to bring them down sometimes and listen to the phones ring.

      The realities of the situation are that, in most environments, there isn’t sufficient staff to keep systems totally up-to-date. What staff there is is too busy fighting fires and keeping things working to be able to spend all their time researching what the latest threats and patches are. An example is the recent fooforaw with APC software – the Java certificate on the older version expired. Now, APC didn’t really bother to tell anyone – including registered customers – about this. The information was out there if you dug for it, but most of us found that out when our servers started to hang on logon. Should we have been fired for not knowing that was going to happen? Are we supposed to be able to absorb this kind of information by osmosis, or spend every hour we’re at work digging for the latest patches and versions on every bit of software running in our environment? That’s hardly realistic.

    • #3065036

      Heads should roll for using Windows

      by awolfe_ii ·

      In reply to Why are heads NOT rolling?

      My employer has a terrific firewall and is as aggressive about PC
      and network security as you could want. 95+% of our
      employees have PCs configured using a master disk image with
      automatic monitoring, scanning, and virus update.

      We still got hit with Zotob. Now, we didn’t get it as badly as
      many other organizations, but we still got it.

      There is no “preventable” on Windows. Any operating system
      that needs an anti-virus is inherently insecure. If Windows had
      any kind of serious access control and memory protections,
      viruses would be impossible the way they are on Unix.

      Now what were people saying about Windows TCO being less
      than Linux???

Viewing 78 reply threads