Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Blogs Careers
    • Blogs
    • Careers

    IT Career Advice: Passwords Make Bad Hostages

    By
    Donald Sears
    -
    July 23, 2008
    Share
    Facebook
    Twitter
    Linkedin

      Who benefits when one of your staff holds the keys to your systems and doesn’t want to let them go? Apparently, your company’s vendors.

      Terry Childs, a technology worker for the city of San Francisco, had been sitting in jail for the past week for changing passwords and was withholding them from his employers. Childs had been unwilling to give up passwords to what appears to be network systems–in this case, Cisco products. Cisco seemed to be getting some decent coin out of this debacle trying to decode the passwords-as-hostages, and rightly so (though some pro bono work here might have been a friendly press moment for the infrastructure giant, but revenue times are tough, man).

      As reported from Phillip Matier and Andrew Ross of the San Francisco Chronicle:

      “Childs – whom some have described as a friendly, hard worker at the city Technology Department, and others have labeled an over-the-top control freak – has been sitting in jail since July 13 on $5 million bail, after being arrested for reconfiguring key passwords in the city’s computer system.“

      “A team of code crackers brought in from Cisco Systems had been working around the clock to try to decipher Childs’ codes, but with only marginal success.“

      ““It wasn’t cheap and I just couldn’t see us keep spending that kind of money,” [San Francisco Mayor Gavin] Newsom said.“

      Funny thing here is that the mayor of San Francisco comes out the hero (and saves the city money from Cisco). Childs went directly to the mayor to negotiate. Childs’ lawyer, as reported by the San Francisco Chronicle, called the mayor’s office out of the blue to negotiate for the passwords. The mayor obliged, and in effect, saved San Francisco. Newsom! Newsom! Newsom!

      I kind of wish Childs had called Barry Bonds, just to get him some hero press.

      This entertaining but embarrassing piece of news illustrates the challenge of centralizing trust in one employee, and the consequences of a situation when that one employee doesn’t want to cooperate, feels slighted or just wants to be heard. Fact is, we don’t know yet what this guy’s gripe was at work. Doesn’t really matter. His name is all over the press. The $5 million price tag on bail should tell you something. Then again, we are talking about holding a city’s system hostage. Bad idea.

      What’s with city IT workers and Cisco these days, anyway? This is no way to stay employed in IT or get a new gig somewhere else.

      But as an organization (hey, IT managers, I am speaking to you), don’t entrust one person to be the holder of critical-system passwords and not have a contingency process and technology in place to handle. This just means your employer’s name is going to be all over the press, and maybe your name too. This isn’t to say that rogue employees who prove to be difficult will not pop up. In many small or midlevel organizations, it’s not financially feasible to employ a second network or system administrator. It’s too expensive. But having backup and shared root password responsibilities is essential, and there is some password management technology out there that could help.

      As Larry Seltzer rightly points out, what if you fell through a manhole?

      I wonder how many security vendors are lining up to meet the city’s IT department in the coming weeks.

      Donald Sears
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×