Rogue administrator reveals single-point-of-failure flaw

Jailed admin sues city whose network he sabotaged

Terry Childs is in the news again. Remember Childs, that lone-wolf network administrator who worked for the city of San Francisco? In July 2008, he was arrested for refusing to tell his bosses the passwords to the city's high-speed network. He's been in jail ever since because he hasn't made his US$5 million bail.

Now he's asking the city to pay $3 million for jailing him.

Crazy, huh?

Specifically, Childs filed a claim for "wrongful suspension without pay and wrongful arrest [and] violation of civil rights", according to the claim form dated Janaury 8. That $3 million breaks down as $1 million for economic damages — most likely lost pay and benefits — plus $1 million for emotional distress and $500,000 each for lawyer's fees and unspecified "special damages".

Remember, this is after Childs allegedly changed the network's passwords so only he knew them, installed modems to gain outside access to the network, configured routers so they could be controlled only from obscure locations, harassed an auditor, threatened his boss, lied to investigators about knowing the passwords and finally turned the passwords over to San Francisco's mayor.

Yes, it all sounds wacko. But actually, this wrongful-suspension claim isn't a surprise. Childs was suspended on July 9; he had six months to file a claim, which was necessary if he ever wanted to sue the city. His claim was turned down on January 23, and now he has another six months to file a lawsuit. Makes sense now, right?

Meanwhile, Childs will be in court next week to be arraigned on the criminal charges against him: tampering with a computer network, denying other authorised users access to the network and causing more than $200,000 in losses. If he squeaks through the criminal case, he'll have a shot — albeit a very long one — at getting his $3 million.

As for the rest of us — well, we've got troubles of our own, don't we? We're dealing with budget cuts, layoffs, longer hours and shorter tempers. Why should we care about some net admin who went over the edge?

But maybe that's exactly what we should care about.

In a column last year, I wrote that the Terry Childs fiasco carried a lesson for everyone in IT shops: As the only person with control of the city's network backbone, Childs was a single point of failure. That made him a reliability risk — one that, uncorrected, eventually created a huge problem.

Now it's worse. Today, deep in a recession, we're all at risk, from the CIO down to the lowliest helpdesk tech. We're short-staffed, overworked and under pressure. More and more, we depend on every person in the department. We've got no cushion, no safety net. Each of us could become a reliability problem — and we're too cash-strapped to eliminate every single point of failure.

Is there a Terry Childs in your IT shop? Let's hope not. But it doesn't take extreme behaviour to create an epic failure. It doesn't even take a little craziness. Under this pressure, we can get sloppy, cut corners and miss warning signs that eventually cost us in a big way — and that's when it comes to both systems and people.

Don't let it happen. Make sure everyone in your shop takes a little extra time and care with the hardware and the techs, the networks and the admins. Reinforce your procedures, your fail-over plans and your teams — and especially the people who you really can't afford to have fail.

Because in crazy times like these, that may be the only safety net you've got.

Join the newsletter!

Error: Please check your email address.

Tags management

Show Comments

Market Place

[]