by thisisit 256 days ago
> a former interim IT manager still had an email client connected via token authentication - with access to all messages. And that person had signed the original contract with the provider years before. Informally questioned, he admitted contacting them "to warn them" but claimed it was harmless.

This kind of behavior rubs me the wrong way. People leaking stuff, breaking compliance and then saying - It was just harmless.

I work with a Director who has done something similar multiple times. The chain of events often is - She attends an industry conference, there she learns about a piece of software, she goes ahead and schedules product demos and solicits a contract. She then contacts the only outsourcing agency she is aware of and promises to give them the implementation contract. Then reaches out as she doesn't have the authority to sign those contracts.

Since the time I have been responsible for product selection this has happened twice. Both times I have been under different managers. Both managers have insisted it was harmless.

Last time this happened the Director was told that by promising work and soliciting contracts she was in gross non-compliance with the company policies. Her response showed how little she cared. As per her, this was an internal matter and no one could punish her.

Later, when we evaluated the product, it promised to "get better with time". All the company's data was being ingested into an AI without regard for enterprise data security rules. Even then her response was - What is the big deal? Everyone reads everyone's data. Legal got involved and shut it down - they asked the product to turn off AI features for our instances.

It is really hard to contend against a malicious or dumb teammate. In a corporate setting if they are higher than you then it is even more difficult. They can chalk it up to a harmless mistake and no one can do a thing.


I worked for two very large Fortune 100 companies. Both of them had people in management quite obviously taking personal kickbacks from vendors. Sometimes right out in the open. I would loudly point it out in meetings, which got me uninvited from a bunch of meetings.
> which got me uninvited from a bunch of meetings.

So, not a total loss.

Every POC I have been involved in, across multiple firms, was driven by management trying to send some business to a buddy's company.
Definitely. I've watched a company move its entire health care plan to a startup, buddy of the CEO, to help juice said startup's customer base for investors. When the company were invited to a call to learn how their health plans had changed compared to the old provider (but after the contract was signed) - the startup 'would need more time to figure that out' .. you can imagine the deafening silence on that well-attended zoom call.
Yeah it's very often the case.
What you're describing the director do sounds like the favorite pastime of HR directors. They just love going out and changing up the performance review software every couple years without consulting anyone else and paying enormous amounts of money for it. At least the current favorite for this (Lattice) has decent UX versus some of the past ones I saw used all over (PeopleSoft in particular)
If you like Lattice's UI then I can't even imagine how bad the other options must have been.
PeopleSoft, especially before the mid-2010s and depending on how it was configured, was an exercise in terrible UX. You'd have to click through like 6 pages just to change one thing. At one point, I remember there being an encoding difference between Firefox and IE that meant that you could have longer self evaluations in IE. The way they'd configure SMART goals and such was insane and it would regularly error out and dump your written text, so people would write their stuff in notepad and paste it in to submit.

Lattice is not perfect but it legitimately seems to be designed by people who understand that it's not actually useful to anyone and that the best user experience is just to make it as easy as possible to phone it in, complete with built in LLM stuff to take your poorly written self eval and make it look better.

Lattice isn't too bad I think?