BMN Blog

Your business' data could be compromised by the most unlikely of sources -- your own IT manager.

Over the past couple months, I’ve encountered multiple chilling examples of IT staff gone rogue. Of course, this isn't happening every day. But when it does, it's especially damaging to organizations with a one-person IT department. These lone IT managers often hold the keys to the kingdom. No one person - IT expert or not - should ever have complete control over passwords, access, processes, etc. Why? Consider these two recent incidents:

• A healthcare company with a one-person IT department has seen a lot of growth recently. As a result, the IT manager has had a difficult time keeping up with the many demands of the developing business. This manager heard rumors that the company was considering outsourcing their IT, and he suddenly stopped cooperating or responding to the president of the company. Next, he quietly began moving things around in their system creating weaknesses, vulnerabilities and a potential takedown. The business owner lost a lot of sleep over this guy! Ironically, the company president never intended to eliminate the IT manager's position but provide him additional resources from an IT company.

• At another business with a one-man tech department, the IT director was fired for ethical violations far outside of his role in IT. However, even after his termination, he used a password only he knew to gain remote access to the company’s systems and move files around. What’s worse is he made it look like someone else had done it! Lawsuit pending.

We get it. Historically it made sense to hire the very best IT expert a company could find to manage and monitor the network infrastructure (i.e. everything that plugs in), but today companies are benefiting more by sharing their risks with a partner company. We suggest seeking out an IT provider who is experienced in your industry and is willing to customize the best solution for your business and security needs.

Jennifer Lagutin is a Technical Solutions Manager with TekLinks. Email her at jlagutin@teklinks.com.