The SysAdmin Trap

Terry Childs is Guilty.

In mid-2008, Terry Childs, the (then) System Administrator for the City of San Francisco, was called into a meeting with the COO (his boss); the CIO of the SF Police Department; a Human Resources representative; and, unbeknownst to Terry, by phone, a few of the engineers he managed. He was ordered to share the system passwords for the network. He made them up. Subsequently challenged with this fact, he refused to reveal the passwords, ending up in a city jail cell.

Close to two years later, Childs has been found guilty of felonious computer tampering and faces up to five years in prison (he’ll likely be let off in two, with his racked time counting toward the total).

Open and shut, right?  The city claims, and the court found it believable, that Childs’ obstinate refusal to provide passwords resulted in over $200,000 in lost city revenue.  He lied to his employer.  He held the city ransom.

Childs’ defense has always been that he was protecting the city’s network.  He wasn’t going to share sensitive passwords with people who, in his estimation, wouldn’t respect the sensitivity of those passwords, and would likely share them with other employees and contractors.

To my mind, while that’s a valid concern, it doesn’t clear him.  He still works for the person who was asking for the passwords, and he was obligated to provide them.

The real crime here, though, is not that Childs hoarded the keys to the system. It’s that the meeting occurred at all, and the reasons that it came to the point of a stand-off are all too criminally common.  Was Childs guilty? Sure! But others shared guilt in bringing it to that point.  Consider:

  • The System Administrator reported to the COO.  No CIO? No VPIT? No IT Director?  This means that there was a gap between the absolute tech and the non-technical businessperson, and that’s a critical layer, particularly for an organization as large as the government of a major U.S. city.
  • There were no policies governing use of system passwords. The fact that Childs was allowed to be the sole keeper of the entire network was a lapse in operations that never should have been allowed.
  • Childs was a city employee for ten years.  If there were concerns about his trustworthiness or reliability, shouldn’t they have been addressed earlier in that decade?

All too often, IT departments are isolated from the organizations they serve.  Part of this is due to the nature of technology work and techies — we speak a language of our own; enjoy working with the tools that many people find obstructive and confusing; and the majority of us are not very good at casual socializing. More of it is due to the fact that most people — including the CEOs and VPs — don’t get technology, and don’t know how to integrate technology tools and purveyors into the organization.

But that lack of comprehension shouldn’t be a license for persecution.  Everyone’s a loser here, most personally Childs, but the city suffered from a situation they created by not investing properly in technology.  And, by investing, I don’t just mean hiring the right amount of staff and equipment — I mean that CEOs, COOs and everyone up the chain has to step out of their comfort zone and either learn more; hire staff and consultants to vet and translate; or, optimally, both.  The CEO doesn’t have to be as knowledgeable as Bill Gates, but they have to have educated oversight on how IT is run that “gets” what IT is about and how the technology practitioners operate.

As much as Terry Childs is guilty of a crime, he’s tenfold a victim of one, and it’s a cautionary tale for any of us who work in environments where management is happy to let us build a big, isolated kingdom.

What drove Terry Childs to commit a felony was a crime unto itself.

5 Responses to “The SysAdmin Trap”

  • Peter,

    This is a thoughtful and provocative post. I appreciate it and share many of your views here. When IT diverges too far from the business process it serves, everyone loses — including IT itself.

    But I think that it is hyperbolic to assert that Terry Childs is “tenfold a victim.” He was mismanaged in a dysfunctional organization, with critical missing links in IT leadership, but I wouldn’t call him a victim of a crime.

    If anything, the city’s citizens were the victims of both Childs and a government that saw no problem with the IT departmental structure.

    It is important, I think, to identify the patrons/clients/customers as those who are ultimately underserved when an organization fails to reconcile itself to its technology. The network admin might be caught in the middle, but he is not the chief “victim.”

  • Marlina
    14 years ago

    I’m an accidental techie for a small nonprofit and even I know that one person cannot possess all the passwords. Whether they are physical assets like keys or intellectual assets like software license keys or passwords. Somebody else has to know. What happens to an org if the person with the passwords disappears or dies? You have to have a contingency/disaster plan.

  • Tony — I’ll admit to a bit of hyperbole on the “tenfold” line. I certainly do think that Childs was in the wrong with his attitude and behavior. I’ve blogged here about the problems I see with techs being far too controlling (The ROI on Flexibility) and Childs was a poster, um, child for that self-defeating behavior. But I really lost it when I saw that the chain of command dropped from COO to Sysadmin. If there had been executive level IT, or, at least, an IT Director to look after the organizational needs, Childs would likely have never made it to the position of authority he found himself in. The press I’m seeing on this is acknowledging that the problems were with management as well as Childs. But they’re stopping short of saying what those management problems were, so I wanted to throw in some educated guesses.

    Marlina — I actually had a piece published on the best way to manage passwords as well today, on the NTEN blog, and I’m with you 100%. What I do is leave a sealed envelope with the latest admin passwords with HR or the CEO, so that they have the information should they need it. My article is at The Softer Side Of Security.

  • Well, debating the “guilt” of the various parties is interesting – but more to the point is the turmoil the City was thrown into through its errors. I’ve been trying to explain to orgs lately why a formal Information Security Policy is vital — and as you point out this story makes the business case for developing one loud and clear.

  • Besides the arguments which can be made about security rights, access to passwords, etc., I think an important point Peter makes is really about that gap between the “super geek” and the “higher ups” that are so often clueless on the tech side (and I honestly don’t mean that disparagingly). That mission-to-tech misalignment, as some might call it. This is a very high profile case, but think about all the resources, of both time and money, that orgs like this are wasting, on very subtle, non intrusive day to day manners! When there is such a disconnect between the super geeks and management, I think it’s a pretty safe bet there will also be communication gaps leading to mismanaged projects and scope creep all over the board! That may not lead to an arrest, but certainly poses a threat to an org’s mission. Nice post, as always!