In the case of sabotage, a business gets attacked from within its own safe walls, eventually putting it in a deep slumber it might never recover from. This kind of thing happens often in even the largest enterprises; it’s not just something rare that occurs once to some random company out in the outer edges of the Internet. Just because airplanes are more likely to crash than you are likely to be sabotaged doesn’t mean you shouldn’t prepare for it, either.
Such is the story of Peter Justen, a serial entrepreneur who founded Mybizhomepage, a product that provided businesses with financial metrics data. This piece of software would analyze a company’s QuickBooks data and put things very plainly so that the people in charge have a very precise idea of which direction the company is going in. This software would send alerts when some metrics passed a certain threshold, such as accounts-receivable.
At one point, Justen declined an offer to buy the company, justifying it with the fact that he hasn’t yet tapped the full potential of the product with a global audience, having only some thousand customers at the time. His Chief Technology Officer (CTO) didn’t really like Justen’s decline, so he gathered up a few other folks and started mustering up the resources to start a competing company. Justen didn’t like that, either. When he learned about this, he fired the CTO and asked his own lawyer to send a cease-and-desist letter, effectively halting any effort in creating a new company.
Shortly after this whole debacle, Justen’s software started crashing on and off. Not only that, but the personal emails and Facebook accounts of executives and board members were compromised, sending details about their business practices to contacts on their lists, which alleged that the company was defrauding its investors.
But here’s the interesting part: When Justen called the authorities to explain what happened, he learned that the CTO doesn’t even have an identification. That means they found no real license plate, real name, no credit cards, and no tax returns to tie to him. The CTO was actually as difficult to trace as a homeless person with lots of cash.
In this situation, he had two choices: Either he would renounce and just start over, or he would declare bankruptcy and leave his investors with nothing, completely soiling his reputation and confirming the allegations against him.
If you don’t want to be faced with a similar situation, consider these practices:
- Adopt a role-based access control solution that would allow different people to have different levels of access within a firm.
- If this happens to you, be honest, and try not to declare bankruptcy. In Justen’s case, he could admit to his investors that he didn’t really look into his CTO’s identity and didn’t have the security measures necessary implemented to ensure the prevention of catastrophic failure.
- Implement a protocol for people who leave the company that involves shutting off their access properly for all company resources. Security should be tightened especially on high-profile individuals. If you run a software company, showing employees the door should also include ensuring that you immediately have a backup of your business’ software somewhere very safe – somewhere only you can access and no one (not even your dentist) knows.
These kinds of practices aren’t magically effective, but they definitely do a good job in prevention and/or eventual damage control. Access control is, perhaps, the most important of the three; and the third practice goes hand-in-hand with it. Access control solutions should always give you a way to cut off access from people who leave the company. Ensuring you’re well protected is no joke. Sabotage happens a lot – usually in tiny ways, but sometimes in a way that could completely devastate your hopes, your dreams, and your future.