Steve Riley on Security

Formerly of Microsoft's Trustworthy Computing Group.

A CEO who should be fired

A CEO who should be fired

  • Comments 9
  • Likes

So the CEO of an important customer of ours (no, I won't tell you who it is) claims to be, um, "very technical" and therefore keeps his own Windows domain and refuses to be part of the corporate forest. Go ahead, take a moment to express your astonishment; it took me about a full minute to recover my composure, too! Well, their IT is re-engineering part of the network and now has to, yet once again, figure out how to incorporate the non-standard and unmanaged "personal network" of this particular maverick.

This is a load of nonsense, as I'm sure you'll agree. No matter how I spin it mentally, I simply can't envision even a single business justification for this CEO to exempt himself from policies that everyone else is required to follow. He apparently fails to realize that his choice sends a clear message saying, in effect, "The policies suck and I know it." His behavior probably demoralizes the entire IT staff and communicates to them that he doesn't trust them and that they have no value.

Also, and probably even more important, his stance arguably increases costs to the organization. Just consider the ongoing extra (costly) work required for building the additional design, testing, troubleshooting, and support necessary to accomodate his silly whims. No worthy CEO -- one concerned with shareholder value and organizational performance -- would willingly do this. I know one company whose products I now will never buy.

Comments
  • You have to be amazed at people like this - my question is - if he's insisting on not being a part of the corporate IT administered networks, why does he insist that corporate IT provide him with any service?

    Those machines that are off-domain should be considered his "personal" machines, and not company property.  As such, they should be quarantined off the network, and given the same access as a visiting contractor, or someone bringing in their personal laptop from home.

    As you say, any policy that the CEO refuses to follow is going to be ignored by other employees, too.  I can't tell you how many times I've ended a security argument by noting that, for instance, I don't run as administrator either.

  • This isn't the guy who writes the checks is it?

  • "Maverick?"  Are we talking about Mark Cuban?  I like Cuban, but he used to be in tech and this sounds like something he would do.

  • Thats one spoiled CEO.....

  • Alas, I can't reveal here who this particular CEO is...

  • I agree with your comments, particularly about the signals he is sending to his staff with this behaviour of not living by the decisions  his own management has made. I would never want to work for a CEO who behaves in that way. Luckily enough we have a great new CEO who does not behave in that way (as far as I know). She puts a lot of demands on the staff, and appears to meet them herself. Among many other things she appears has realised the importance of cutting down the number of IT applications in use. It would be great if we could actually achieve that particular goal of "one function - one solution".  

  • This is one great example that should be included in this book - Bad Leadership: What It Is, How It Happens, Why It Matters by Barbara Kellerman.

    I hate double-standard.

  • Sounds terrible. Was the domain called steveballmer.microsoft.com or just steveballmer.com? ;-)

  • CRAIG: ha ha. The answer is: neither :)

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment