College Fires IT Admin, Loses Access To Google Email, Successfully Sues IT Admin For $250K

An anonymous reader quotes a report from The Register: Shortly after the American College of Education (ACE) in Indiana fired IT administrator Triano Williams in April, 2016, it found that it no longer had any employees with admin access to the Google email service used by the school. In a lawsuit [PDF] filed against Williams in July, 2016, the school alleges that it asked Williams to return his work laptop, which was supposed to have the password saved. But when Williams did so in May that year, the complaint says, the computer was returned wiped, with a new operating system, and damaged to the point it could no longer be used. ACE claimed that its students could not access their Google-hosted ACE email accounts or their online coursework. The school appealed to Google, but Google at the time refused to help because the ACE administrator account had been linked to William's personal email address. "By setting up the administrator account under a non-ACE work email address, Mr Williams violated ACE's standard protocol with respect to administrator accounts," the school's complaint states. "ACE was unaware that Mr Williams' administrator account was not linked to his work address until after his employment ended." According to the school's court filing, Williams, through his attorney, said he would help the school reinstate its Google administrator account, provided the school paid $200,000 to settle his dispute over the termination of his employment. That amount is less than half the estimated $500,000 in harm the school says it has suffered due to its inability to access its Google account, according to a letter from William's attorney in Illinois, Calvita J Frederick. Frederick's letter claims that another employee set up the Google account and made Williams an administrator, but not the controlling administrator. It says the school locked itself out of the admin account through too many failed password attempts. Williams, in a counter-suit [PDF] filed last month, claims his termination followed from a pattern of unlawful discrimination by the school in the wake of a change in management. Pointing to the complaint she filed with the court in Illinois, Frederick said Williams wrote a letter [PDF] to a supervisor complaining about the poor race relations at the school and, as a result of that letter, he was told he had to relocate to Indianapolis.

default judgment

[borcharc]

They got a default judgment against him, they did not win on the merits of the case. Default judgments are not so final when the other party wants to fight about it some more.

What an idiot

[realmolo]

ALL sysadmins have thoughts of what they would do as "revenge" for getting fired. Hoarding passwords is something that has occurred to all of us, at one time or another. It's such an easy thing to do.

But you can't do that stuff. It's unethical, and immature, and unprofessional. Not to mention, you'll end up getting sued, and YOU WILL LOSE.

This guy sounds like a whiny little bitch, and he never should've been hired in the first place. When you hire sysadmins, you need to hire people that seem trustworthy, first and foremost.

Re: What an idiot

[mattyj]

Maybe because it's the ethical thing to do, and perhaps he'll want to work in IT some time in the future. But that ship has probably already sailed.

My guess is that this guy is in his early 20's, first IT job probable, and doesn't realize the ramifications of what he's doing, career-wise.

I'm old enough to have been laid off several times, and most of those times I forgot to document something or whatever, and I helped out my former comrades when asked, well after my termination, because you build a rep in this business and this childish garbage will follow you around forever.

Re:What an idiot

[networkBoy]

It sounds like someone else setting up the account used Williams's personal email to link him in, and he never removed it (likely because a lockout could ensue). I am not so sure that he is really to blame here.
Any equipment that has seen any mixed personal/business use has always been forensically wiped prior to returning to my employers.
None have ever complained.

Hoarding passwords is a dick move and not okay.
Even as PO'd as I am at my former employer, if I was in a similar situation I would have made them the offer of:
re-instate my work domain account and email, give me a cube for a week, and pay me as a contractor on a 1099 for that week.
In exchange I'll use my personal email account that someone else (apparently) linked to unwind this and remove my access after adding someone else and verifying their access works.

That is reasonable and prevents me from working for free, disentangles the mess, and most importantly to the court system, doesn't look like an extortion attempt.

Re:What an idiot

O COME ON...SERIOUSLY? You have such little integrity that you actually believe that anyone who has ever been a sysadmin covets keeping passwords or even fantasizes about it as revenge?

You know its been said that the 'measure of a man is not what you do when people are watching but what you do when nobody is watching'...I really hope I never interact with you.

There are still people in this world that have morals/personal integrity that they live by both in thought & deed regardless of who may or may not 'know' they are doing so.

Re:What an idiot

[aaarrrgggh]

That is kind of the right way to do it, but the reality is the "escort out the door" policy on firing people. (There is no rational way around that which adequately protects the employer both in terms of damage and liability.) The established process for this type of thing, which works pretty well, is a password escrow system where ultimate passwords reside (root and the like). I have seen digital and dead-tree versions of these systems, and personally prefer the dead tree variant: seal password book in envelope signed by senior system administrator who wrote down the passwords, place that envelope in a second envelope signed by legal counsel, and then place it in the president's safe. A third witness level is a nice to have on both envelopes. When the senior administrator is fired, quits, or dies, all the passwords need to be changed, so you open the escrow and validate the signatures, and get to work. The weakness is that as you update the keys-to-the-kingdom you have no proper means of redundancy or control.

Re:What an idiot

[quetwo]

That wasn't really the case here. The IT shop apparently had a crew of a dozen or so people. They all had admin rights on the Google domain plus some root admin account. When they fired Williams, (according to the court docs), the laptop was sent back with the root account set to auto-login. Apparently the company they had outsourced the IT to either wiped the machine or did something to it where the root account got locked out or the password changed. The only other account that had admin access was William's personal google account (which was supposed to be removed from admin rights).

He didn't want to work with them anymore to help them recover their admin account, which they screwed up. They ended up suing him. He ended up losing because he didn't show up to all the court dates, because he couldn't travel to Indiana because he was not able to take his kid with him to Indiana (because of a ruling from family court).

If he would have shown up to court, he actually would have won. It was the school's responsibility to secure their property before firing him (including logins, etc.) They didn't, and they can't expect him to even answer his phone after they separated. He was actually in the right, by law, to ask for compensation for working with them, as a new contract work for hire. This is pretty standard case law, and the LRB has postings about it all the time. Now, he could have been in the wrong if there was a policy about not associating the domain admin account with your personal account, but that clearly wasn't the case since it was well known that it was done and they didn't bat an eyelash about it.

Re: What an idiot

[silentcoder]

>What would have happened if he'd been hit by a bus?

To answer your question I set up an experiment in which over 3000 people were hit by a bus under laboratory conditions. I carefully monitored the outcomes in all cases and can report my preliminary findings. With 99% probability, when a human being is hit by a bus, that human dies. The full paper will be submitted to NATURE for peer review and publication later this year after dealing with some anomalies in the test data (in one case... the bus died).

Dude plays race case, threatens upper management..

[xxxJonBoyxxx]

From the letter linked to in TFA summary:

>> The culture of American College of Education (ACE) has become very toxic over the last 6 months and seems to affect only the African American demographic of our college. I know our HR manager is relatively new and may not know the history of the college regarding a few past discriminatory practices that were resolved by legal actions...I suggest that all members of upper and middle management at the company take diversity and sensitivity training.

How does that read? "I want less racist managers and if you don't make me happy I may find an attorney to help me play the race card..."

Maybe he had a point, but I could understand how a lot of people in the college might be looking to drive him out, regardless of his IT skills (or lack thereof).

Re:Dude plays race case, threatens upper managemen

[kamapuaa]

Maybe it was a legitimate complaint?

Holding passwords hostage isn't the answer, but nothing inherently wrong with bringing attorneys into it. No company wants to hire or even interview tech workers over 45, and Slashdot is happy to talk about lawsuits with regards to that issue.

And in fact you do the opposite

[Sycraft-fu]

You have a plan should you get killed or otherwise be unable to provide the passwords. Where I work, in addition to there being more than one IT staff, all the passwords are safely locked away where the Dean can get at them, if needed. We make sure that even if we are all gone, whoever comes after can get access.

These days the university has policies to that effect but we did it before then because that is what you do. You have a disaster plan, and that plan includes what happens if you aren't around.

Re:And in fact you do the opposite

[argumentsockpuppet]

When I go on vacation, I like to go places where there is often no phone or internet service. If there is anything that my department cannot handle while I'm out, that's a problem. It's a problem I fix as soon as possible. It's been quite a few years since anything that "needed" my attention turned out to be something besides "we didn't bother reading the documentation." I expect a backlog of issues they couldn't handle as efficiently as I could, but nothing they couldn't do if they just read and learned more.

My predecessor once bragged that my employer would never be able to keep him from being able to log back in. He left on "good" terms, so I didn't have to immediately ensure that wasn't the case. That was nice since it did take me more than a month to ensure his access was truly disabled without interrupting any services. My replacement shouldn't need more than a day.

If I'm ever hurt, I expect my job to be waiting for me when I get back. I don't expect it to visit me in the hospital or at my home when I'm recuperating.

If I win the lottery* one day, I expect to call HR and let them know that I'll come in for an exit interview after a few months in a tropical resort. I expect them to miss me and need to pay three times my salary for my replacements. I expect to get invited to office Christmas parties.

*I don't expect to win the lottery. I don't buy lottery tickets, but according to the way I understand math, my odds of winning are exactly the same for planning purposes.

Once in a while I get a call from somebody who wants to sell IT in a box type outsourcing. I don't dismiss the idea out of hand because there's a lot of scut work I wish I didn't have to spend time on, but so far, I can't rationalize the cost. I know they can't replace us, but sometimes I think it would be nice to separate our true work from the work that just fills the low priority moments. There's a very slim chance that somebody with a poor sense of what we actually do will get one of those calls and think they can save money by replacing us. In our offices, I expect that idea to be dismissed immediately, but maybe personnel will change or somebody will make a stupid decision and I'll get to hand over the passwords to my replacement. My next employer will have a dozen references vouching for me and in three months I'll get offered my old job with a salary high enough to make me, at least briefly, consider taking them up on it.

Re:Dude plays race case, threatens upper managemen

Maybe that's because the majority of slashdotters don't need to worry about waking up black or female. Waking up old, however, awaits us all...

need more details

[v1]

If his account wasn't the controlling account, and the school really did lock themselves out, they started the problem. If he used rng for a good strong master organizational email password, and it got wiped as the laptop got returned, he may not have it to return. (one wonders about the state of the school's backups...) As an employee you can't just assume the school is going to go retard on you and require you to provide copies of stuff they ought to already have. To the school's credit, he ought not to have wiped the computer before returning it, that's his bad.

When I last changed jobs, it was well known that I had copies of work-related data on personal drives, as I mirrored them to several around the shop for everyone to use the tools and data on. I was asked to delete that data on my personal drives when I left, which I did. I found out months later that the GM went on a wiping spree, intent on nuking ALL the service drives. (bright lad, that one) I was asked later by the SM if I had that data. nope. The SM finally found one last service drive in an old service machine that had been replaced and mothballed, saving enormous headaches. If they'd have lost that data for good, tough. NOT my problem.

It does sound like Williams isn't going out of his way to be cooperative, but it also sounds like the school is expecting more than they are entitled to in the way of cooperation. Will need to get more details on both sides. Even if he "violated policy" while he was working there, that'll be tough to find any legal liability over. You fired him, that's what you do when they violate policy. That doesn't also mean you're allowed to fine, sue, or break his knuckles after you've parted ways.

Re:"Race Relations"

[quonset]

Compare this generation to the generation that fought WWII.

You mean the generation who literally, in the truest sense of the word, would attack a black guy if he was talking to a white woman? The ones who tried to bar blacks from integrating into a white university and which the National Guard had to come out and protect the kids who only wanted an education?

You mean that generation?

Re: Blacks are sociopaths

[thundercattt]

If he was fired, they would not give him opportunity to pass along credentials to new person. They'd tell him Friday at 4:59pm to get out and then escort him to the door like a criminal. After said treatment, I wouldn't help them for free either. Without dollar bills, my memory gets veeeeery fuzzy

Re:Dude plays race case, threatens upper managemen

[Attila+Dimedici]

I want to first say that there is enough lack of information in this article that it is impossible to reach any conclusion without a heaping load of reasonable doubt.

That disclaimer having been made, this sounds like a situation where the sys admin became a malcontent because he was left out of the loop on a lot of things,,,something which often happens when someone works remotely. He claims they refused to promote him to management, likely because he was working remotely and they did not think it was practical for him to manage people he never saw (they may have been wrong, but I understand why they felt that way). As for the secret meetings he alleges, I doubt they were secret. There were probably a bunch of meetings they did not mention to him because they were not directly related to his job and not worth setting up a way for him to attend remotely. Then they probably forgot to include him in some meetings they should have because A) he worked remotely and B) they had not invited him to the other meetings (the latter which there was no reason to include him in).

Having read the whole story, it reads like there was a change in administration and the new administration did not like that Williams worked remotely and was trying to find a way to get rid of him if he would not move to where he could actually come into the office (something he could not do). I think he read the writing on the wall (Sidenote: by the time the writing is on the wall, being able to read it does you no good) and wrote his letter in an attempt to intimidate them into leaving things the way they were.

My skepticism for his account of things is not because I do not think it could have happened that way. My skepticism is because the story is almost entirely from his side of things and everything still has explanations that do not require malice on the part of the Institution or its staff.

What good is Software as a Service

If the company providing it can't/won't reset your accounts when a manager leaves. That's the point of paying Google bucks for this.

Re: Blacks are sociopaths

That's been my experience as well.

Actually, when I got fired (after training my H1-B "assistant") most of my things were already in a box in security's arms by the time I got out of the office - barely took five minutes too. They pretended my trackball was their property as well, never got it back. Old walkman either.

Two months later I get an email demanding my personal (not work) email password because they'd occasionally sent me documents through it - even though they were warned not to do so - and had lost some. Not "could you send us some of those old docs we'd mailed to your personal address", let alone a "please?", no, a piece of snailmail from legal accusing me of stealing my own hotmail address. That I've had since highschool.

Ha! I had the same thing happen to me.

[aussersterne]

I owned a small consulting company in the late '90s and we were hired to do some work for a VPN vendor. We had to sign a rather onerous NDA and then they stiffed us on payment after six months' work and proceeded to ship what we had built anyway. The "separation" was acrimonious and involved court just so we could get paid.

Two years later, the president of the company contacts me begging for archival copies of what we'd produced, as they suffered some sort of catastrophic event and had lost a lot of source code.

I rather gleefully told him that (a) I had to take him to court to get him to pay me for shipping our work last time around, and (b) as per the NDA that they made a serious issue of in court, we had dutifully wiped everything we had ever worked on for them, and good luck.

I smiled for about a month after that.

Re:"Race Relations"

[ShakaUVM]

>You mean the generation who literally, in the truest sense of the word, would attack a black guy if he was talking to a white woman?

Not everyone back then was a Democrat, dude.

Re:"Race Relations"

[cmdr_klarg]

>You mean the generation who literally, in the truest sense of the word, would attack a black guy if he was talking to a white woman?

Not everyone back then was a Democrat, dude.

Yesterday's Democrat (or Republican) is not anything like today's.