Actually, its the only job i actually was happy at. Both the job, the business, and the people. It was the 'right place' for me.
( until that new guy showed to kill us )
The business isn't always the thing the company is doing - sometimes it is the thing being done to the company.
Tue Jun 08 2021 10:34:20 EDT from Nurb432Oh, i didnt do the burn ..
Short version is we got a new CFO and his 'goal' was to bankrupt the company but not make it obvious. Among other causalities, i was one. Another was our manufacturing maintenance people/supplies. "they are not doing anything, machines are running, get rid of them" ( this was during our annual shut down/product change over.... )
While it sounds silly to an outsider why someone would do this, we were a a joint venture between an American corporation and Japanese. They brought the tech, US brought the business. They had 51%. The ONLY reason the US company did it was to get a hold of the tech. After a few years of decent business the goal was to run it into the ground just enough so the Japanese woudl bail, leaving behind the tech. They are far more committed than most people think and it took a total collapse to get them gone. But it went too deep, and ended up being bought by a investment firm.
"look at me i saved all this cash... " as the place went under 6 months after he left. Could not recover, by design. He had been there less than 6 months.
That was also were i learned a new term: "containment". I been in the automotive manufacturing business over a decade by then but never heard that term. Never want to hear it again. Most companies dont survive it. We did, somehow. ( before new CFO )
2021-06-07 16:31 from IGnatius T Foobar
"Something inappropriate that would get me in trouble if I said it is
included herein by reference."
-- me, just now, on a meeting call
thief!
Well, lost that battle. We are now going to force non IT customers to figure out ITIL terms to interact with us. "customer focused" my ass.
"How about we ask a couple of actual customers before we do that" "well if you do that you will get several answers, we just need to do it as we want, and let them figure it out on their own".. Without these customers we dont exist. I dont see how hard that is to understand. If our customers were not 'captive' they would not be using us.
Man i wish i could leave. Soon, but not soon enough.
Well, i guess my boss found me a desk i can have. Even tho i'm only there 3 days a week at least ill have a place of my own again and no festival seating. Means i can have a real keyboard instead of the laptop keyboard, and not have to drag it back and forth. ( people are filthy, not going to share that and yes mine is too, but at least its my filth :) ). And i can have a small desk fan so i dont melt, again without carrying it back and forth each day. Tho i did just buy a 'flat' folding portable fan. About the size of a cell phone.
Still not thrilled with 3 days a week, but i guess having a desk is something.
"New requirement from xyz department" "they require that admin accounts do not have access to data stored in the system"
Ya, sure.
WTF? Do they understand how admin accounts work?
Sure... I can take away my permissions to your files - but I can also give them back to myself anytime I want, and the only one who knows these permissions changes is... THE ADMIN.
Furthermore - if administrator accounts don't have access to your files, when you somehow lose your WENIS report and want me to restore it from backup - guess what ELSE didn't have access to your data?
Yeah. The backup system.
And our policy won't allow you to hook up a USB storage device - so you can't really back it up yourself.
Hope your hard drive doesn't die - now that you've painted yourself into a corner with ridiculous requests that you don't understand the implications of because you distrust the IT department.
Thu Jun 17 2021 18:29:37 EDT from Nurb432"New requirement from xyz department" "they require that admin accounts do not have access to data stored in the system"
Ya, sure.
There is a subred called /malicious compliance
That seems like this scenario is perfectly suited for.
"They said no admin access to their data, so I disabled all admin access to their data. Then their drive died, and they wanted it restored from backup... but their backups failed, because the admin utility accounts didn't have access to their data."
I said,
"When you told me to remove admin access from your data, I assumed you knew all the ramifications of that request being that you were making decisions that should have been made by the IT team."
Or that you cant support the system without the access...
Glad i'm not having to implement or support this mess. They tried to get on board mine as a tenant, but our security structure was not adequate for them ( thankfully... ). I'm sort of acting like a 'trusted consultant' as they work out their own dedicated install with the same vendor.
PM came to me this evening " can we calk about this new requirement they are asking about, and how it might be done" LoL, sure we can talk about it, i need a good laugh..
Thu Jun 17 2021 07:31:40 PM EDT from ParanoidDelusionsWTF? Do they understand how admin accounts work?
To an extent. I have worked with systems where that sort of change is logged. ( mostly mainframe, but i have seen 'PC' type apps do that too ) Does not stop the admins of course, but they do have an audit trail. ( if they asked for that, j would not be laughing at them. Tho this system does not do that, i can at least understand wanting that )
Thu Jun 17 2021 07:31:40 PM EDT from ParanoidDelusions
Sure... I can take away my permissions to your files - but I can also give them back to myself anytime I want, and the only one who knows these permissions changes is... THE ADMIN.
I considered that. I have too... but generally people asking for something this boneheaded, don't ask for or realize it generally isn't a thing where admin changes are notified to the users - even about permissions.
And often, if you're an admin - you can get rid of any logging that they might receive or modify it before they receive it. It is usually easier for an admin to cover his tracks than for someone in userspace to discover he has done so.
Thu Jun 17 2021 19:42:26 EDT from Nurb432To an extent. I have worked with systems where that sort of change is logged. ( mostly mainframe, but i have seen 'PC' type apps do that too ) Does not stop the admins of course, but they do have an audit trail. ( if they asked for that, j would not be laughing at them. Tho this system does not do that, i can at least understand wanting that )
Thu Jun 17 2021 07:31:40 PM EDT from ParanoidDelusions
Sure... I can take away my permissions to your files - but I can also give them back to myself anytime I want, and the only one who knows these permissions changes is... THE ADMIN.
I guess i should add i DO understand their paranoia, considering they data they have, but they have got to use some logic.
They also at one point asked "can we prevent users from entering information they shouldn't" "how would you do that?" "um, ya i guess there is no way, so we need a way to remediate it afterward"