Feeds

The Bastard formerly known as Roger

Name. Rank. Operating System

  • alert
  • submit to reddit

Boost IT visibility and business value

Episode 14 BOFH 2001: Episode 14

I'm stuck in an office with a couple of glorified beancounters who want to know how we do things here, and why.

The Boss was no help in the matter, displaying all the spine you'd expect from an invertebrate when the idea was passed to him.

"But they're Financial and Technical Security Auditors! - You can't REFUSE to see auditors!" he blurts.

"Of course you can!"

"You can't - it wouldn't pay for us to get a bad Rep in their report."

"At least we'd have consistency across reports," I respond, pointing out the silver lining.

. . .

Half an hour later I'm sitting across a table at mission control from a beancounter/geek who works for some large multinational beancounter outfit with a padful of questions and stacks of time (at a huge hourly rate) to kill.

I don't like it.

"OK, we'd just like to kick this off with an overview of your current topology and systems. Now, what was your name again?"

"I'm afraid that's commercially sensitive information," I respond cheerily.

"Pardon?"

"It's commercially sensitive. If I tell you and it gets into the wrong hands, who's to know what slave-trading agency would be on the phone the next day trying to headhunt me."

"We COULD find that information out from your Phonebook."

"I'm not in the phone book. No-one in Systems Admin is."

"From the nameplate on the outside of the door then!"

"There isn't one."

"FROM YOUR PAY DETAILS!!"

"I'm a contractor - A company in other words."

"OK, From your Boss!"

"He's new and doesn't know."

"From your Co-Workers then!"

"They wouldn't tell you. Even if they DID know my real name, which they don't."

"We take security seriously here," The PFY adds, wandering in.

"Well we have to call you something!"

"Yes. I prefer 'The Systems Administrator formerly known as Roger'"

"So your name's Roger then?"

"No."

"Your name WAS Roger?"

"Nope."

"So why are you calling yourself the Systems Administrator.. etc"

"Oh, so I can identify myself with a single character from the Symbol font."

"Which one?"

"I don't know its name. Do you have a laptop on you?"

"No."

"Then I'll have to draw it."

..ten minutes later...

"Now, what operating systems do you run?"

"Oh, I'm afraid that's commercially sensitive information...."

. . . Two hours later . . .

"So let's see, you can't tell me anything about you, your company, your work, the specifics of your computing resources, where they're located, your disaster recovery plans nor even where nearest fire exit is - because it's all commercially sensitive information?"

"That's correct."

"Why is the fire exit commercially sensitive again?"

"Because a headhunter might be waiting outside it to make me an offer I can't refuse. See, they set the fire alarms off knowing which way I might leave the building. And get me. Happens all the time in big companies."

"So why is there a Fire Exit sign over the door to that fireproof safe over there?"

"Throw off industrial spies," The PFY chimes in, nodding knowingly.

"Yyyessss," the geek finally says, reaching for the phone.

Ten minutes later The Boss arrives, having been sent by a Royal command from somewhere on high.

"Now what's this about 'Commercially Sensitive Information?'" he asks.

"He won't tell us his name," the geek narks up. "He say's it's commercially sensitive."

"And personal information as well," I respond. "My contract states that you can't actually force me to reveal personal information."

"He won't tell me what Operating Systems you run either, nor what types of server you have."

"Why not?" The Boss asks, testily.

"He says it's commercially sensitive information."

The Boss' eyes narrow at this statement, so I head him off at the pass.

"It's simple," I blurt. "I tell them what OS and machines we're running, then they'll ask me about security and what external access methods we have and how they're penetrated. Before you know it, they'll be wanting to know about who routinely penetrates the firewall from within, how they do it, and where they go when they do. I'd then be forced to reveal details of non-web-cached browsing that management believes isn't logged. Which could be, uh, COMMERCIALLY, sensitive."

"Ah! Yes, yes, I'd have to agree! Because if people knew our browsing histories they might be able to, uh.."

"..leave messages on the websites concerned encouraging key members of management to defect to a rival company," I complete.

"Oh Yes, that's it!" The Boss gasps.

Once more, geek two reaches for the phone...

"..leave messages on the websites concerned encouraging key members of management to defect to a rival company.."

"Oh Yes!" the Head of IT gasps.

. . . Five minutes after that. . .

"..leave messages on the websites concerned encouraging key members of the Executive to defect to a rival company.."

"Ah Yes!" the Assistant CEO gasps unhappily.

. . .

"This'll all be reflected in my report to the board!" the beangeek blurts threateningly, hoping to sway someone in the chain of command. "You can't hide things just by saying they're commercially sensitive."

"Funnily enough, that's what the guy who did the audit last year said."

"Did he? I don't remember seeing it."

"Well you wouldn't. It was commercially sensitive. So we locked it in the safe over there."

"He only had ONE copy!?"

"So to speak. Course, It was in his head at the time."

The PFY adds to the overall threat by shutting the door and pulling the roller blind down over the viewing window..

. . .

"Ah.. Well perhaps I was a little hasty.." the beangeek cries, mid-moment-of-clarity. "Perhaps you DO take systems security seriously."

. . .

"You didn't really shut someone in the firesafe last year did you?" The Boss asks.

"Of course not! But it's the same story I used for last year's guy!"

"So what - or who - is in the Fire safe then?" the Head of IT asks suspiciously.

"Oh, I'm afraid that's commercially sensitive information."

It really is easy when you know how. I should be a politician... ®

BOFH is copyright © 1995-2001, Simon Travaglia. Don't mess with his rights.

The essential guide to IT transformation

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Microsoft: Azure isn't ready for biz-critical apps … yet
Microsoft will move its own IT to the cloud to avoid $200m server bill
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
Flash could be CHEAPER than SAS DISK? Come off it, NetApp
Stats analysis reckons we'll hit that point in just three years
Oracle reveals 32-core, 10 BEEELLION-transistor SPARC M7
New chip scales to 1024 cores, 8192 threads 64 TB RAM, at speeds over 3.6GHz
Object storage bods Exablox: RAID is dead, baby. RAID is dead
Bring your own disks to its object appliances
Nimble's latest mutants GORGE themselves on unlucky forerunners
Crossing Sandy Bridges without stopping for breath
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.