Slashdot Mirror
Replaced by Outsourcing -- What's a Geek to Do?
SafariShane asks: "Yesterday I was fired from my position as 'Network Security Analyst' from a financial institution. I was pushed out by a 3rd party vendor, who labeled me the major security risk, after performing a 'vulnerability assessment.' At the time, I thought a vulnerability assessment of our network was a good idea, but in retrospect, it occurs to me that this company, who's other product is 'Outsourced Network Monitoring and Intrusion Detection' may pull this little trick everywhere they go. Has this happened to any other network security folks out there. Does anyone know if this is a common practice, and what's a geek to do if they find out a 3rd party assessment is on the way? If this happens again at another institution, should I just start polishing my resume right away?" Here's a question I always wish I could ask managers, whenever the topic of 'outsourcing' comes up: if dealing with programmers overseas is more appealing to the bottom line, why not let your programmers work from home for 50-80% of their current in-office pay? For those of you who feel the threat of Outsourcing breathing down your neck, what are you doing to try and stay in your current job, or even in this current market?
I'll also note, because people will ask me anyway, if there were other problems. In my year on the job, there was only 1 network intrusion: Welchia, which was contained in twenty minutes. Anyone familiar with Welchia will know that it is no easy task. I was never reprimanded for anything. In fact, I received a 12.5% raise only two months ago for job performance.
I doubt what they did was illegal, but it's bad business at best. Here is a group of network security geeks, who get other network security geeks fired, so they can increase their bottom line.
I'd like to hear comments from folks this has happened to, and what did you do as a result?"
"Here comes the obligatory South Park reference:
- Perform Network Vulnerability Assessment
- ?
- Profit! (Sell Outsourced product)
Label anyone who is responsible for network security as the risk, and get them fired.I wouldn't even dream up the above situation, except that when the assessment was done, all results were hidden from me. The company presented the results not to the geeks that can interpret them, but directly to the executives that still think 'Clippy' is a great product.
I'll also note, because people will ask me anyway, if there were other problems. In my year on the job, there was only 1 network intrusion: Welchia, which was contained in twenty minutes. Anyone familiar with Welchia will know that it is no easy task. I was never reprimanded for anything. In fact, I received a 12.5% raise only two months ago for job performance.
I doubt what they did was illegal, but it's bad business at best. Here is a group of network security geeks, who get other network security geeks fired, so they can increase their bottom line.
I'd like to hear comments from folks this has happened to, and what did you do as a result?"
...why not move with it?
Step 1. Go back to the company and say I can protect your network from any attack anyone will ever think of. Go to the core routers and turn them all off.
Step 2. Send them a 15k dollar bill.
Step 3. Pick the company
Step 4. go back to Step 1
Every year increase cost by 3%
I don't suffer from insanity, I enjoy every minute of it.
Except that can get you jail time.
;)
If this company he works for was run that
badly he's better off trying to find another
employer.
He might consider writing some security apps
himself and selling them. His boss would be
a lot more resonable
-- Programming with boost is like building a house with lego. It's a cool but I wouldn't want to live in it