[snowwolf]

> 4. With thissaid, we've used this as a learning example and additional training has been provided to the individual involved

This is not the correct solution. What's to prevent the next new person from making the same mistake?

If it shouldn't happen, don't make it possible to happen. Put in place a technical solution that doesn't allow it happen. And if there is some special case where it still needs to be possible, make it that it needs a secondary signoff from a senior team member.

People will always be fallible.

[fencepost]

This is the kind of 'learning experience' that becomes part of corporate culture and future training. When someone says 'Why bother with all this?' the response can now be 'Read this writeup of how ONE person NOT doing this correctly cost the company a ton of marketing $$$ and STILL left us with a black eye with our more technically-savvy customers.'

And how many people at Namecheap do you think aren't aware of this by now?

But yes, technical solutions should go in but those take longer to implement. Among other things, it seems to me that re-prompting for the account password might be a good idea before any VPS reinstall/reinitialization that's going to wipe an existing VPS (not that it would've helped much here).

[tamar]

That's part of the whole issue. It wasn't simply an issue of retraining. The entire company is well aware of this issue and is using it to improve, not simply to reprimand a single person.