32
f03n1x
3y

So at work with the Macs we use, we have some guy come in after hours to service the Macs, and that means the security risk of leaving our passwords on our desks.

Not being a fan of this I tell my boss, he knows it's a risk and despite that he doesn't want this guy coming in while we're here.

Though my main problem is the Mac guy Steve is arrogant and thinks he's a know it all, and with the software I have on the Mac may end up deleting something important, I have git repo and all but I feel off just letting someone touch my computer without me being there.

I tell my boss about the software and stuff he just says contact Steve and tell him about it, to ignore the software and such, I say alright, I write up an email telling him not to touch the software listed and the folders of software documents (again it's all backed up).

No reply, I tell my boss and he says call him, I call him and he hangs up on me on the second ring!

Not sure if he's busy, but I left him a message, asking if he got my email, no reply and it's coming close to the end of the day (going to service Macs in the weekend)

I'm just not going to leave my info because if this guy can't check emails or even get back to someone why should I bother with this bullshit of risking my work.

From all the info I hear about him and my previous rants he's an arrogant prick who loves Macs.

Can't wait to leave this company, pretty sure leaving my password on my desk is a breach of our own security policy, and since 8-9 people are doing it, it's a major risk.

But he's friends with the CEO so apparently it's fuck our own security policy.

Comments
  • 6
    So I looked it up and it's against our own security policy to do the whole leave password on desk thing, aside from it being an obvious one.

    I tell my boss that he hung up on me and he just says call him again...
  • 2
    Does he specifically need to have access to your account to service your Mac or he could do it from an IT account for which he, alone has the credentials? That's what we did at my previous job.
  • 2
    @paulwillyjean he hasn't ever brought it up but that would the most ideal situation, though considering what my contract says I should be taking over his role, which would be a lot better being in charge of just making sure Macs backup should be relatively easy.

    But in this case, this guy not part of our company knows all out password he can clearly check our emails which include confidential information.

    I've only spoken to him over the phone once asking some advice on antivirus software I said virus because to co-workers malware and any other malicious software could just be considered viruses for easier explanation. He just straight out corrects me Macs cannot get viruses, you wouldn't need an antivirus. Sure that's true but it wasn't the question lol.
  • 2
    Uh, what exactly does "service the macs" really mean? I've used my MBP since 2012 (yeah its getting old now) and have never felt the need for a guy coming and "service it"..?!?
  • 3
    Oh sorry I meant he was supposed to setup the airport backup thing again it really is a 5 min job but I guess he somehow convinced the CEO it takes a weekend or something

    I asked him for the password via email and he ignored me and went over my head to the CEO and he said he'd do it himself
  • 4
    Change your password to something that when worn down can easily be read as something else.

    So fill your password with 1, L and I but write each one of those characters as the same vertical line. He won't be able to log in and you have fulfilled your duties to leave your password for him.

    Not your fault he can't read your handwriting.

    Even better get a co-worker in on it and have them verify your password after the fact getting it right first time, if your questioned on not being explicit enough in writing your password down you can day but my co-worker can read it fine.

    Honestly though it seems like your company needs to bring its policies out of the dark ages and into the modern era. I mean they taught us in school (20 years ago) that this is bad practise.
  • 3
    @querellaMMXII yeah, that seems like a good idea, sadly he's going to be there tomorrow my password is full of 1's and other numbers and it's kinda difficult to read, he'll probably‚Äč have trouble with it and I hope he just gives up soon lol.

    And you're right though, despite my role and what the contract says they tend to just brush me off like it's nothing, they know leaving a password out is a security risk, but despite common knowledge they disregard it all, we're the support office and also the main part of the company and yet if the other franchisee knew this they'd be shocked, yet we bat down on people who make mistakes.

    This company has tons of problems from me being there as a developer for 9 months now, including people having multiple roles which take up too much time. But it seems like we're too stingy to get some more staff. The company isn't small either we have a couple dozen franchises over two countries
  • 2
    I really don't think there's hope for this company and can't wait to leave, they just act as if I'm some IT guy, despite being the sole developer of their app.

    I'm just glad they don't ask why it takes me so long, because my contract says 6 months but I've been around for nearly 9, which I may add is quite an odd thing (though my contract says they assume will take 6, and I'm around until I finish the project)
  • 0
    @f03n1x Just have to add that Macs actually CAN get viruses :)
  • 0
    If you're the sole user of the machine, I'd just change the password and write down some bogus. This is a horrible security disaster waiting to happen. Nobody touches my software.

    Since you and him aren't there at the same time, he can't confront you with it anyway.
  • 3
    @linuxxx ah right guess I'll look up some examples in case he still thinks otherwise

    @Dairattez yeah I really should have done that, he really has no reason to touch the Mac I'm working on, honestly I wish I use my own machine just so I don't have‚Äč to deal with this, but despite that it is breaking company policy.
  • 2
    Just thought I'd post a comment separately as an update:

    So Steve rang me in the weekend (despite the fact it was a weekend job, he rang me Sunday afternoon).

    He said he couldn't find my password, lol I left it under my keyboard, anyways he gives me the reason for needing access to the Macs.

    He wants it so that the software is run under one apple id, I guess it makes sense in a way, but it could just be in a policy to sign in as one apple id, none of this bullshit, he also said it's so he can update the software which also could be done by the person using the Mac by knowing the password for that Id.

    From the conversation we had he really is arrogant, I told him I had to get xcode because I needed to do my job, and the real reason is because I can't just sit around waiting for someone to give some apple id, just to download free software.

    All in all start the countdown guys I'm going to be leaving the company (as soon as I find a job that is)
Add Comment