‘Angry Employee Deletes All of Company’s Data‘ is how the headline read last week describing an alleged incident of data sabotage where an employee, erroneously thinking a help wanted ad in the paper by her employer was describing her job, allegedly leveraged her access late Sunday night to destroy 7 years of data worth an estimated 2.5 million dollars.
As Jacksonville Sheriff’s Office spokesman Ken Jefferson told reporters:
“She decided to mess up everything for everybody … She just sabotaged the entire business, thinking she was going to get axed … She decided to be spiteful and go in and sabotage the records. And she did a very good job of that …” – via Fox News & TheRegister.co.UK
According to the Fox News story, Hutchins told one TV station (First Coast News) he’d managed to recover all the files using an expensive data-recovery service … though the Register reports firm owner Steven Hutchins saying the restoration fee was “not a sensationalistic amount of money.”
So what does this have to do with your church and/or charity website? Glad you asked …
… those of you with some systems administration experience are undoubtedly shaking your head after reading such stories – and for good reason. Much of the pain could have been prevented had the following five measures been taken:
- Make a nightly, or at least weekly backup of the 7 years of work;
- Take the grandfather backup, that is the backup before the most recent backup, and move it off site – preferably to a fireproof safety deposit box. It is after all worth 2.5 million dollars;
- Create a disaster recovery plan that includes loss of data, loss of hardware, loss of operating system, loss of personnel;
- Take a Saturday and practice the disaster recovery plan. An example scenario I might suggest to said Florida firm is to enact the plan to deal with damages incurred by a hurricane;
- Limit access to full data to a vetted, trusted, bonded and insured system administrator. Everyone else gets data on a ‘copy of’ and need basis – I’m thinking through a secured revision control system that can be backup-up and where there is immediate recourse to a variety of intentional and unintentional ‘mistakes.‘
Think about it, all it takes is one disgruntled or even one well-meaning but not-so-careful layperson and/or church staff person to effectively wipe out your church and/or charity’s data in a fashion similar to what Marie Lupe Cooley allegedly did to Steven E. Hutchins Architects.
So make plans to protect your data now!
As for the job … apparently Ms. Cooley originally wasn’t in danger of losing it. The ad was for Hutchins’ wife’s company.