17. Using unlicensed software
Licensing is no joke and the fines for using unlicensed software can be astronomical. If you are supporting the use of unlicensed software, or are aware of it happening in your organisation without doing anything about it, odds are very good that you’ll be the one fired as part of a settlement with the Business Software Alliance.
Unlicensed software can often carry bonuses too, like malware and Remote Access Trojans (RATs).
18. Email outages
Whether it’s a corrupt database or a failed server, when there’s an email outage, you’re in for a very bad day. Accidents happen and hardware fails, but if you left an open relay and wound up getting your entire company banned by a DNSBL, your days in your current role may well be numbered.
19. No redundancy
The security triad includes confidentiality, integrity and availability. If you have a critical system without redundancy and that system goes down, the service is unavailable and you could well be without job security.
Make sure redundancy is built into everything you deploy, from dual NICs to separate switches, to redundant power supplies, RAID arrays, clustered servers and active/active routers to dual Internet circuits plus myriad other things that help you to dodge the bullets from any single point of failure.
Sure, the boss won’t want to pay for any of that, but if paying for it is cheaper than the costs of downtime it’s a bargain.
20. No disaster recovery plan
Failure to plan is planning for failure. At some point every company is going to experience a disaster. It could be a flood or a cyclone or a fire or a zombie outbreak.
Whatever the disaster, if you don’t have a tested and proven recovery plan, the biggest disaster may hit you even harder.
21. Undetected hacks
Recent studies indicate that the average network penetration occurred eight months before detection. Imagine that: an attacker sitting on your network for months before detection.
What could they find? What could they steal if they are on the network for all that time? Given the prevalence of attacks, what should concern you is not that they went undetected, but what you may have missed.
Those log anomalies that you never followed up or knew about (because you failed to check the logs in the first place). The strange processes that you figured were probably just fine. If you had the opportunity and missed it, your time may be up.
22. Violating the AUP
The Acceptable Use Policy defines what is, and what is not, considered appropriate behaviour on the network. As an IT professional you are responsible for knowing this policy and enforcing it.
There is no excuse for violating this policy, and when violators are subject to termination, there are no mitigating factors that will save your job if you cross the line.
23. Violating trust
As an IT professional, regardless of your role, your employer has placed their trust in you. You have access to data that includes customer information, intellectual property, trade secrets, NPI and more.
You also have custodial responsibilities for thousands or even millions of dollars’ worth of systems. Anything you do, whether intentional or just stupid, that violates that trust is a sure way to end an otherwise promising career.
There is no technical solution or best practice here other than to not do anything stupid.
Think twice before you act and avoid any of these face-palm mistakes that could push your career off the rails. There are some great products out there that you can depend on to save your skin when things go wrong.
By David Kelleher, Director of Communications, GFI Software