Why security is the first thing to go, episode 65,723
Credit to Author: Sharky| Date: Mon, 10 Sep 2018 03:00:00 -0700
IT contractor has a project to upgrade some software for a client — and the project is way behind schedule, says a pilot fish on the client side.
And why is that such a problem? “The existing product goes End-of-Life soon, at which time it will no longer be an approved product for us,” fish explains.
“The contractor’s people come in and pitch their schedule to upper management. In the briefing, they bring up the fact that the new product is not even approved to be on our highly secured network, and they have not even started on getting it approved.
“Essentially, if they have to get it approved, they can never get it deployed on time.
“My company’s management makes clear it is not happy with violating security protocols just because the contractor is behind schedule.
“Then the contractor’s senior manager tries to spin it: The only reason we need the new one is that the old one will soon be unauthorized after End-of-Life.
“And since the old one will not be allowed without being authorized after End-of-Life, it should be OK to deploy the new one without being authorized.”
Sharky is authorized to file off the identifying marks from your true tale of IT life. So send me your story at sharky@computerworld.com. You can also comment on today’s tale at Sharky’s Google+ community, and read thousands of great old tales in the Sharkives.
Get Sharky’s outtakes from the IT Theater of the Absurd delivered directly to your Inbox. Subscribe now to the Daily Shark Newsletter.