In an era when security breaches hog the headlines and companies scramble to protect corporate data, in some ways I'm grateful to work for a CEO who emphasizes the need for security. But there are drawbacks.
We're a small business with a correspondingly sized IT staff, and "Jim" often springs yet another of his security concerns on the few of us. For example, one time someone sat outside the office next door, waiting for it to open while typing away at their laptop. Jim saw this and panicked, assuming they were there to "hack" our servers and ordered that I immediately check the network for intrusions. Needless to say, nothing was wrong.
[ Also on InfoWorld: Can you guess what the worst tech screwups of 2012 are so far? See Cringely's top 10 list. | Follow InfoWorld's Off the Record on Twitter for tech's war stories, career takes, and off-the-wall news. | Subscribe to the Off the Record newsletter for your weekly dose of workplace shenanigans. ]
Another time, someone described to him how a "memory leak" caused a random crash of their systems. Now whenever a computer slows down or anything crashes at our company, Jim orders the IT staff to drop everything and find "memory leaks."
Then there's our server room, the subject of one of Jim's latest spells. We have an amazing setup for a small business, if I do say so myself. The space itself has its own AC and humidity control, and the servers are locked in a cage within the room. No one here has ever unplugged the servers, due to the power outlet's placement within the locked server cage. The door into the room has double locks, and a motion sensor alarm goes off whenever the door is opened.
Jim is deservedly proud of the server room, and appearances are important to him. Ironically, for someone so guarded about security, he's quick to throw open the doors and give prospective clients a guided tour. At the same time, he wants the nightly cleaning crew to keep out, which wasn't happening, and the crew kept setting off the security alarm.
The CEO's security solution
Jim came up with a "solution," one in which he insisted on being the sole person on the alarm contact list for "security reasons." Soon, he was getting called several times a week, wasn't sure what to do, and finally brought up the topic in casual conversation with me when he complained about lost sleep. By then, almost an entire year had gone by without IT knowing of the problem. The only actions Jim had undertaken in the meantime were to make several official, yet ineffective, complaints to building management. Now it fell to us in IT to assess the situation.