Shhhh! We’ve almost got that “critical security patch” approved!
You must not do much work with enterprise-level servers. Those beasties are almost always chewing on something. Serving up databases, doing backups, and a host of other cron jobs throughout the day and night. Most of our servers run an integrity check on the file system every two hours to ensure files aren’t being messed with, for example. Left to itself, SETI will consume pretty much every morsel of processor power, unless you start getting crafty with the “nice” level for it vs. all the other processes on that server.
Notice the name. It’s not called SETI@Work…
As for the programmer, at 63, he should have known better about putting rogue applications on computers. He probably was thinking “I’m four months away from being able to take early retirement - they’re not gonna fire me!” His supervisor does deserve a swift kick in the ASCII for those comments, and will hopefully at least be reprimanded by his higher-ups.
I don’t see that SETI was approved software to be installed on the server in the OP. I kinda doubt that it was.
Yes, my company does fire people who install non-approved software. Not typically on a first violation, and sometimes they turn a blind eye, but they have done it before for a first violation in the case of software such as Kazaa and Morpheus and Napster. And porn-related software.
Your comment on being reprimanded for reading a newspaper whilst copying disks has nothing to do with IT security, so I won’t address that specifically. But I will assert that morale improvement and morale building are key, primary factors IMO in running a successful and happy workplace, but there are better ways to recognize the dignity and self-respect of employees without screwing around with IT security. The people who work under me are allowed a wide range of activities that are officially “frowned upon” but not explicitly forbidden - such as, surfing around on lunch, and during breaks through the day, to go to Ebay, ESPN, fantasy football, etc. I bought ZoneAlarm for every person working under me, and also got permission to have them install Adaware and Spybot, and I ask them to run them regularly, as a condition of surfing around to pretty much anywhere they want, except porn.
But actually downloading something that is not on the approved list, and running it, is over the line in the Client-based consulting environment we operate in. Would I fire someone for SETI? No, of course not. I’d have a friendly chat with them (and it would be friendly, I like everyone working under me quite a lot), and tell them that they need to get it off their computer immediately, and we would forget about it. No harm, no foul. But there have been Incidents in the past that would cause enough attention that it would involve people over my head (such as a financial transaction server delivered with the RC-64 cracker on it…so it didn’t work because 99% of its CPU was eaten up cracking codes), and in that case I would step back and let what happens happen.
So if it’s not explicitly forbidden, then it should be allowed?
Nuh-uh. Doesn’t work that way. YOU don’t get to make the rules for SOMEBODY ELSE’s property. Have some respect, would you?
Una, you and I are in agreement - reminding the employee of the policy in this case is reasonable. Firing, in most cases, is not.
I’ve had the luck to work for people who have respect for me. As a professional programmer, my bosses realize that I has as much interest in keeping my computer virus-free and in top shape as they do. So yeah, unless it’s explicitly forbidden, if I felt that I wanted program XXX installed on my computer and IMO it was a quality program that would not in any way affect the well-being of my system(s), I expect to be allowed to install it without asking permission. Respect goes both ways.
As just about every place I’ve ever worked left it up to me to decide what was installed on my computer, I highly doubt my experience is out of the ordinary. We’re not talking about a low-level clerk installing crap on a company computer; we’re talking about trained, professional programmers deciding what software to install on the computer they spend 8 to 12 hours a day working with.
For me, this argument goes both ways. You could say that because they’re professionals, that they should be trusted. In most senses, I agree.
But my experience at my company tells a different story. It’s a huge company. We have a strict no-outside-software-installation policy. It doesn’t matter if it’s harmless - even a company this large doesn’t have the IT staff on hand to field installation requests on a case-by-case basis. (Una said pretty much this exact thing earlier, and said it better, but anyway.) The policy is, unfortunately, inarguable.
Now, since our IT staff are well aware of the policy, and are expected to stick to the same policies as everyone else in the company, I’d even hazard a guess that because of their knowledge of computers and because of their job of ‘keeping employees in line’, they are held to an even stricter standard with regard to company policy.
Maybe that’s why he was fired: in his position in the company, he should have known better. This position would best apply if the company had a policy against outside software in place, of course.
Having said that, the department director was being such a jerk.
There really isn’t enough information in the article to properly judge anything other than the nature of the director’s comments (which were unacceptable language regardless of the circumstances).
Was that the first time the programmer had pulled stunts like that? Was he responsible for maintaining the server, or did he just have access to it (and hence shouldn’t have been goofing around with it)? How critical was the server? As one of the others suggested, was it supposed to be running maintenance programs during non-peak hours (which SETI@home could have interfered with)?
That said, installing software on a server used by others has far greater potential repercussions than installing software on “your” computer in your office, and discussions about what users should or shouldn’t install on their “own” computers is almost irrelevant to this discussion.
No, really, it’s a GUI sysadmin tool!
There’s a heckuva big gap between “You’re running unauthorized software on our server. That’s going on your permanent record; don’t do it again.” and “You’re fired. Get your butt out of here.” So I’m thinking that there’s more to the story than what we’re hearing. Perhaps there was a history between the programmer and the manager and he waslooking for something to pin on the programmer. Or possibly the manager may just not have appreciated the concept of idle cycles and interpreted this as theft. But it seems like a heinous overreaction.
Every so often, things pop up with truly amazing timing…
Today, we were having a discussion over the price of enterprise-class servers. In a word, heart-stopping. By the time you buy one, buy the software licenses, and arrange to house it, keep it cool and well-fed with electricity and maintained, you’re into some serious dollars.
How serious? Well, the Sun E20Ks that drive our data start at $630,000. Each. Add on $100,000 or so each per year for service contracts, software licensing, electricity (180 amps @ 240V), smart people to operate it, etc, and pray the thing is useful for seven years. That’s $1.33 million over that hoped-for seven year lifespan. $190,000 per year. $22 per hour, night or day. If you can only make it useful for five years, the hourly cost goes up to $26.
So, if someone puts a *nix version of the SETI BOINC client on one of our E20Ks and “only” ran it at night for 10 hours, they’re effectively stealing $220 of computer time per day. And that’s not considering the impact on all the stuff that runs at night that I described earlier.
I just brought this up as I had no idea that enterprise servers were that expensive, thereby making their processing time similarly expensive.
This was a server, not a workstation. The server needs to fulfill many, many needs for the company. It is a far more crucial and sensitive piece of equipment than any one workstation.
And how the heck does YOUR past experience working at lenient jobs apply to this? You say your previous employers didn’t care what you did to their equipment. So now ALL employers are required to match that? How the hell do you reach that conclusion?
I reiterate: Have some respect for other people’s property, and stop trying to tell 'em what they should do with it.
No, actually the default SETI runs at the lowest priority level and will only run on an idle computer. You CAN change those settings, and to do so on an enterprise server would be wrong. Unfortunately we aren’t provided those details but, from my experience with the SETI project, people always look down on that type of thing and always run it at the lowest priority. In other words, using only the cycles that would have otherwise been idle.
I agree with Athena’s statement above that:
And the supervisor was clearly a jerk. Sounds like he had a personal vendetta to fulfill.
Using something like Excel or Powerpoint on your work apps for a personal project and installing a program to run all night is two very different things. He should have asked permission. Since he worked IT I would bet he knew this as well. I would have to wonder if he didn’t ask because he figured the answer would be “No”…especially given this was a state agency and the rules tend to be less flexible there than in private business.
That being said, the Director’s response was way over the top (unless there was history here that we do not know) and his remarks showed nothing but his heavy-handedness and stupidity. I would have problems with him were I his boss.
People, am I the only one who bothered to read the article? This was not a private company. This is an agency in the government of the state of Ohio. It took me about five minutes of Googling to find their Computer Use Policy: http://jfs.ohio.gov/Omis/InfoSecurity/InfoSecPolicy.pdf. Section 7.4 is entitled “Personnel Expectations,” and states several times that “The Ohio Department of Job and Family Services information, computers and communications systems are the property of the Ohio Department of Job and Family Services and must be used for explicitly authorized purposes.”
The guy has no leg to stand on, other than objecting to his boss’s highly unprofessional comments.
As a former state government employee (and current Fed,) I can tell you that state employees’ use of computers and servers is highly legally circumscribed. I can also tell you that the guy probably had to read the IT policy and sign off on it every year, so he likely had no excuse.
I’m all for SETI@home, but he clearly violated the IT policies of the department.
Yeah, you think the government really wants its employees finding out the TRUTH about the little grey men? They’re out there, I tell ya! THEY’RE OUT THERE!