You’ll be the coolest guy in IT if you ain't got your ID
Forgetfulness, cold weather, and security doors don’t mix
On-call Welcome again to On-call, our almost-regular look at readers' escapades on client sites at odd times of day or night.
This week's contributor offers up a story “of personal stupidity more than anything” so we'll spare him the blushes that come with a name.
Our hero's tale starts with a downed Terminal Access Controller Access Control System (TACACS) that needed rebuilding in the dead of night.
“The OS disks were held in a fire safe in another building so up I got from the server room and walked through four sets of secure doors (secure coming in ... that's important) and found myself outside in the snow at 2am.”
Our reader said the night was “bloody cold” but added “I'm a northerner, so who needs a jacket for a three minute walk to the next building.”
“So I get to the secured, unmanned building,” our hero explains. “Now at this point I should inform you that the company I work for has a nice system where our ID cards are chipped, allowing us to use them along with a PIN to access the company's network over VPN without the need for a RSA token. However, we have to slot the cards into our laptops to do so.”
There's just one problem — our hero has forgotten his card. And his work phone, which held contacts for people who could open doors. And therefore has no way of getting into any building, or even his car because he forgot his keys too. Let's not forget he's wearing just a shirt on his upper half.
“Off I trudged back to the data centre, hoping beyond hope for inspiration”, which arrived in the form of a security phone on the outside of the building.
Which, inevitably, was broken.
“At this point I was contemplating using my personal mobile to call a taxi and going home using my spare house key ... but with TACACS down for 5,000-odd customer devices I didn't think my boss or bank manager would have been too happy.”
“Luckily enough on the side of the security phone was a telephone number for facilities to use if the phone needed repairs.” Miraculously, that number was attended at that Godforsaken time in the morning and our hero was put through to security.
“After about 15 minutes of explaining the situation to five different security managers and then being told 'We can see you on the CCTV ... are you supposed to be that fetching shade of blue?' they agreed to remotely buzz me into the data centre.”
Sadly, our hero's troubles weren't over.
“Unfortunately, for them and me (as I said earlier) the server room I needed to get to was behind four sets of secure doors, and each of them had to be opened remotely each time (having to fill in a security exemption form, taking about five minutes before the system would open). Twenty-five minutes and a very annoyed security manager later I was back at my desk, grabbed my ID and headed back out into the wind to get the image disk from the firesafe.”
Our hero got the job done and left for home two hours later, without his laptop power supply.
“Hey," our reader says, “it had been a bloody long day!”
And the lesson? “Always check you've got ID before leaving a secured area!”
What's happened to you at work at 2am? Or any other time of day when you've been called out to set something to rights? We're always on the lookout for tales of on-call action, plus expat experiences when you move to another country. Share your tale by contacting me with this form. ®
Sponsored: Becoming a Pragmatic Security Leader