The Limitations of CYA

Wednesday, June 07, 2017

Making the rounds on the internet is a story about a junior software developer who, on his first day on the job, got fired after he accidentally destroyed his company's production database. Commenters at Reddit (above) Hacker News correctly flayed the executive who fired this sadder-but-wiser employee. A comment at the latter does a good job of summarizing why firing this employee was a bad idea:

Sorry, but if a junior dev can blow away your prod database by running a script on his _local_ dev environment while following your documentation, you have no one to blame but yourself. Why is your prod database even reachable from his local env? What does the rest of your security look like? Swiss cheese I bet.

The CTO further demonstrates his ineptitude by firing the junior dev. Apparently he never heard the famous IBM story, and will surely live to repeat his mistakes:

After an employee made a mistake that cost the company $10 million, he walked into the office of Tom Watson, the C.E.O., expecting to get fired. "Fire you?" Mr. Watson asked. "I just spent $10 million educating you." [italics in original]
Indeed, as business writer Suzanne Lucas notes, it is the CTO who should have been fired for this incident. As it stands, he has harmed a former employee and his employer. And with the attitude towards learning and responsibility his actions demonstrate, if the CTO remains employed, he will continue to be a major, hidden liability of unknown size for his company.

-- CAV

2 comments:

Dinwar said...

I think another aspect of this is epistemological. The CTO in this story expected the new hire to know things that the new hire had no way of knowing, and punished the new hire for not knowing those things he couldn't know. Even ignoring the fact that this company was operating in a non-standard fashion, a single day is insufficient time to learn how a company operates, what its protocols are, and what the critical systems are.

To punish someone for not knowing what they can't know is, in fact, to demand omniscience--or at least precognition, both of which are impossible.

Gus Van Horn said...

Dinwar,

That's possible, although I lean on the side of throwing someone else under the bus or more general incompetence.

Something like that is possible: I've dealt with people who seemed to expect others to know things they shouldn't necessarily be expected to know.

Gus