Why Should I Trust My Network Administrator?

Andrew writes "I'm a manager at a startup, and decided recently to outsource to an outside IT firm to set up a network domain and file server. Trouble is, they (and all other IT companies we could find) insist on administering it all remotely. They now obviously have full access to all our data and PCs, and I'm concerned they could steal all our intellectual property, source code and customers. Am I being overly paranoid and resistant to change? Should we just trust our administrator because they have a reputation to uphold? Or should we lock them out and make them administer the network in person so we can stand behind and watch them?"

Re:gun laws

[Grishnakh]

It's probably more of a cultural thing with Japan. The crime rate there is very low, even with their strict gun laws. The UK, by contrast, also has strict gun laws, and has a very high crime rate (but these crimes aren't committed with guns, but with knives and clubs and fists, so the anti-gun people don't see them as crimes). The knife crime rate is so bad in England they've even contemplated banning pointed knives, which is beyond ridiculous.

spoken like a true sys-ad

[reiisi]

While I won't argue with the idea that you should replace the system admin if you can't trust him/her, there is a fundamental problem when we separate managing data from managing people.

No, our current managers should not be trusted with their own networks, at least not most of them.

But management schools that don't teach enough applied systems management and enough information technology that someone graduating with a management degree could be expected to safely manage disconnected keyservers and a small, highly secure subnet for critical data, well, such schools are not teaching management.

They're only teaching how to either party or crack the whip or both.