6 Dirty Secrets of the IT Industry
IT pros usually know where the bodies are buried. Sometimes that's because they're the ones holding the shovel.
Mon, October 28, 2013
InfoWorld — IT pros usually know where the bodies are buried. Sometimes that's because they're the ones holding the shovel.
We asked InfoWorld readers to reveal the dirtiest secrets of IT -- the less-than-white lies and dark sides of technology that others may not be aware of. We then ran those "secrets" through a BS detector, fact-checking them with experts in the relevant field. In some cases the experts concurred, in other cases they did not.
[ Also on InfoWorld: Take heed, young techies, of these 10 hard-earned lessons of a lifetime in IT and beware these 7 fatal IT mistakes that will get you fired. | Think you got it bad? Check out InfoWorld's dirty IT jobs hall of shame for a dose of perspective. | Get a $50 American Express gift cheque if we publish your tech tale from the trenches. Send it to firstname.lastname@example.org. ]
Do sys admins wield power far beyond the CIO's worst nightmares? Are IT employees routinely walking off with company equipment? Can the data you store in the cloud really disappear in an instant? Are you paying far too much for tech support?
Read on to find out what our leakers and experts believe.
What's the biggest IT secret you know about? Spill the beans below. (Add a comment.)
Dirty IT secret No. 1: Sys admins have your company by the short hairs
When the IT fox is guarding the data hen house
Anyone who's followed the Edward Snowden story knows what kind of damage a sys admin with an agenda can do. But even IT people may not realize the full range of unfettered admin access and the kinds of pain it can bring.
"There are no secrets for IT," says Pierluigi Stella, CTO for managed security service provider Network Box USA. "I can run a sniffer on my firewall and see every single packet that comes in and out of a specific computer. I can see what people write in their messages, where they go to on the Internet, what they post on Facebook. In fact, only ethics keep IT people from misusing and abusing this power. Think of it as having a mini-NSA in your office."
This situation is more common than even most CIOs are aware of, says Tsion Gonen, chief strategy officer for data protection firm SafeNet.
"I'd estimate this is true in 9 out of 10 organizations," he says. "Enterprise security is only as secure as the ethics of trusted IT administrators. How many of them have sys admins who abuse their access privileges is harder to say -- but enough to hit the news almost every week. The scariest thing is that the same people who present the greatest risk are often the very people who approve access."