Business ran by monkeys

Hi channers,

I'm not sure this thread belongs here, but I need your opinion and don't want to be fully trolled on /b/ (not this time - usually it's fun).

What would you do if you're working for a company as an sysadmin when this is happening:

- you have to argue with half tech illiterates about technical solutions, and they treat you as you know nothing
- 50% of their systems are not patched for year and more (record is 6 years Ubuntu 12 on main production server)
- manager 5 levels above you replies "company has no responsibility over clients data" and legal department agrees. (we are so called GDPR compliant, not sure how it's possible)
- some of company clients are actually tricked by "false advertising" using buzzwords like SaaS
- what they told me during an interview was 70% and more just lie according to reality (I'm there over 12 months)

I'm wondering about two possible solutions:

- *ack it, and I just quit asap
- bring this to authorities (means it will crush the business probably - my co-workers are mostly good people, just the management is "dumb")

Thank you for your opinions.

Attached: bizfail.jpg (800x500, 60K)

Other urls found in this thread:

all sounds fairly normal tho desu. Companies who tell 100% the truth 100% of the time, tend not to fare too well

I'm not asking for your company name, but name a competitor or something in that ballpark so I have an idea of the scale of your company. Also, why not just go with the flow and not worry? Take notes, don't get caught taking "notes", compile as much dirt as you can and you might be able to do some serious Machiavellian leverage with the highest level of your company for a severance package or promotion, etc. But my main question, who do you care? Why not just do as you're told, wage slave away and just make money and live your life? I get it can be frustrating, but isn't unemployment worse?

Thanks for opinion, you're kind of right, but for some weird reason common "labour" suppose to tell the truth on the interview. Proof this and that all the time. Anyway, should I care about the data of clients? Should I turn black?

If the institution is against you, its a tough in
Try to make slow changes where you can
Build up support with your direct management first,
and have them do the fighting for you

There is maybe similar company, which is celebrating 140 years and is possible they own one of the branches who are our competitors.

That's the thing you know, I don't want to just get the "dirty notes" and harvest "as much benefit as possible" for myself.

You're right, trying to get to my own "business", slowly but surly, unfortunately not yet there.

For now, it's my moral dilemma what's right. Because I want to do the right thing, even I get some extra hits and spit some blood. Truth always worth it.

>you have to argue with half tech illiterates about technical solutions
Speak their language autist. It's more your fault then theirs - don't demand they know why upgrading is needed, they hired you to know this stuff. They also don't need to trust you 100% so be ready to justify what you want UNDERSTANDABLY

Don't forget to thank me sir

See, if everyone actually CARED like OP he wouldn't have to do all that.

the thanks was for you moron :)

Seems like OP doesn't care at all given he spazes out if he can't use technical jargon in front of business people.

Starting to think that OP doesn't even know why he has to do the things he wants to do.

Bist du Deutscher?

I've tried all of that already. Literally, escalated it properly in terms of internal structure, but than, you "hit the idiot" with his "master title". Who is trying to convince you, the data they have is just something they have no responsibility. So I've asked if they can put it on paper, so in case there was a breach in past, it's not my responsibility and I did what I could to fix it. Looking forward for next week, what they will bring. As he put it in email so "evidence" is there.

I just have to play this properly and I don't want to take it off the organisation until it's the last option.

Nah, rather check the ex EU island and "librarians" business zone.

Moodle is *hit, but there is a different version if you want to learn something.

Is this something where, if there is a breach, you could be held liable for it?

have you tried escalating to your immediate supervisor because that's the most simple and only action to take

good question. Business usually want a scape-goat, as it was mistake of an individual.

If I'd like to get to better role elsewhere, having even a hypothetical connection to "deep water horizon" or "fukushima" if you're "health and safety / maintenance head engineer" is not the best reputation you can get.

So technically speaking it's 50/50.

And because I'm "pain in the 455" I can imagine I'd be first on the list.

escalated it as much as possible in recent 6 months. Yes sure, that's the first thing to do. Read properly my initial post (manager 5 levels above), we even don't have CTO for a year and something so .... yes it's awkward =(

Well, at the very least I'd do most of the communication with your superiors in email from now on and keep copies offline. That way if they ever say that you didn't inform them, you can point to an email.

Yeah, that's what I'm doing, when it's in email it's at least something.

And sure, copies stored offline.

PS: thank you all for your input, worth it.

HF and don't /b/ =)

Look for another job, so when shtf because of incompetent management you are already working somewhere else and already building your reputation there, and not recently laid off due to staff reduction when they miss their earnings goal.

yeah, backup plan is necessary. Gonna update my CV and pass my resignation tomorrow. Unfortunately that will screw up some plans I had to the end of the year. So who will pay for that? =(

See it's always a thing, the consequences and cost of them.

if client data isn't personally identifiable data then the manager who said "company has no responsibility over clients data" might be correct, when you're referring to SaaS?

data on live systems are usually personally identifiable in general. In this case, I can confirm they are definitely very personally identifiable.

The SaaS part. That's definitely bit arguable, but it's more about the "expectations" especially when we talk about HA/horizontal scaling. So when you do a "software upgrade" you probably won't expect half a day maintenance i.e.

Below is part from wikipedia:

The vast majority of SaaS solutions are based on a multitenant architecture. With this model, a single version of the application, with a single configuration (hardware, network, operating system), is used for all customers ("tenants"). To support scalability, the application is installed on multiple machines (called horizontal scaling). In some cases, a second version of the application is set up to offer a select group of customers access to pre-release versions of the applications (e.g., a beta version) for testing purposes. This is contrasted with traditional software, where multiple physical copies of the software — each potentially of a different version, with a potentially different configuration, and often customized — are installed across various customer sites.[17] In this traditional model, each version of the application is based on a unique code.

So technically speaking, when you will host a "multi tenant wordpress" on single machine it's IMHO not a SaaS in a true meaning of SaaS. But sure, we can argue about it.