Feeds

BOFH: Lock shock

I have never seen this man before in my life. Nor this one

  • alert
  • submit to reddit

Top three mobile application threats

Episode 12

“No, I’m pretty sure you don’t work for the company,” the PFY says, tapping away furiously on his keyboard.

“What’s up?” I ask, as the PFY mutes the phone while the bloke on the other end has some form of protracted verbal seizure.

“That idiot from accounts who wanted us to pick up the bill for his home broadband has got a note from his boss authorising it and saying it should be charged back to our cost centre.”

“So you told him to get stuffed, right?”

“Sure did. So then he got his boss on the phone...”

“And you told him to get stuffed too, right?”

“Yep, and then he got his boss on the phone...”

“And you told him to get stuffed as well, right?”

“You bet. And then he got our boss on the phone...”

“And you definitely told him to get stuffed, right?”

“I did. And then he started going on about how if I didn’t watch myself I wouldn’t be working for the company much longer.”

“Which is where I came in?”

“Exactly!”

“So what’ve you done – deleted his records from HR, Salaries, Security, the Website, the Phone system, Active Directory and updated his swipe card details to read ‘Stolen’?”

“All but the phone system – because it’d drop the call.”

“There’s no time like the present!” I say.

A few clicks and a few seconds of processing delay later the caller details on the PFY’s phone revert to UNKNOWN just before the call drops...

Half a minute later the PFY and I have a few chuckles as we hear a swipe card being repeatedly denied at the entrance to Mission Control. A furious hammering starts moments later, followed by a long silence.

“Wait for it...” I say, nodding at the PFY’s phone.

>ring<

“Hello,” the PFY says, in answer to a call from the bloke in the office next to the Boss.

“What the hell have you done to my swipe card?” the Boss yells – with the tell-tale echo of hands-free mode from the other end.

“Looks like the Boss is looking to make an example of someone,” I murmur to the PFY.

“That makes two of us,” the PFY murmurs back, before adopting a louder tone. “Who is this?”

“You know very well who this is – and if you don’t enable my card immediately...”

“I’m sorry, I don’t recognise you.”

“You won’t recognise me from the unemployment line,” the Boss snarls.

“I’m sorry; I don’t know who you are or where you’re ringing from.”

“I’m ringing from Dave’s office.”

“Dave?”

“Dave Greenwood.”

“There’s no Dave Greenwood working for this company,” the PFY replies as he taps away furiously at the keyboard, just before the phone goes dead again.

“Ooh – don’t forget to delete the scanned images of their employment contract – and their home directories - from the SAN!” I blurt.

“Check!” the PFY says.

>ring<

“Sharon who now >clickety<?” the PFY asks as the phone goes dead once more.

And about then it starts to dawn on the IT masses outside Mission Control that this is serious...

With only two days remaining till payday – and given the slovenly nature of the company’s HR processing – even if the staff member could prove that they were really working for the company and that their deletion was some form of data error there is NO WAY they’ll be getting any money in this month and mortgages, etc, will probably go unpaid...

Off in the distance the PFY and I hear several doors slam and lock as people act to protect their pay packets from the Boss’ minus touch...

A few minutes later the phone rings once more.

“You can’t possibly think you’re going to get away with this,” the Head of HR burbles smugly down the phone line at us – calling from yet another hands-free phone in the Security offices, no doubt called down there by the three ex-members of IT staff.

“Sorry – it’s Simon here – Steven’s out of the office running a few errands," I say, while simultaneously texting the PFY “What can’t he get away with again?”.

“You don’t seriously think that you can simply delete someone out of the system and suddenly the company will treat them as persona non grata!”

“Really?” I ask, “I think our HR system is a fairly authoritative source for information on who is and isn’t a staff member – and I think our Head of HR would agree.”

“I don’t think he would...”

“I do. In fact I’ll check this with him shortly.”

“You’re talking to him now...”

“No, I’m talking to someone at security. James, the real Head of HR is bound to agree with me.”

“James is the assistant head of HR.”

“Really? That’s not what it says in the HR database.”

There’s nothing quite like the sound of a penny dropping from a great height. A penny with the image of the person who jealousy craves your job on the obverse face. That’s the tragedy of a powerful job – there’s generally a queue of envious figures behind it, all waiting patiently...

“You’ll never get away with it! I have printed documents – my employment contract, my health insurance documents, my annual leave forms!”

“Health Insurance, hmmm – thanks for pointing that one out. >clickety< Yes, I think you’re right, printed documents do have an air of authority to them. Unless of course they were perhaps kept in the lockable bottom drawer of the desk unit that you get issued with - if you were in fact employed by the company – a lock with a single master key that only my assistant has. On him. Right now. The one which will be in his pocket even as he starts that small fire in a metal rubbish bin up on the roof...”

“You’ll never get away with this!”

“I think I already have. And if I haven’t I’m sure there are people waiting to be promoted into the positions of those that I don’t completely see eye to eye with. Now if you don’t mind I’ll have to ring off now. I need to call security and tell them about the imposters in the building. They’ve been looking for a chance to see how the dogs react...”

High performance access to file storage

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
BOFH: Oh DO tell us what you think. *CLICK*
$%%&amp Oh dear, we've been cut *CLICK* Well hello *CLICK* You're breaking up...
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.