No, this isn’t a touchy-feely inspirational post that talks you into taking leaps and bounds in your career. I write those every now and then, but that ain’t today.
Instead, today’s post is about a question: what’s stopping you from snooping in your company’s data?
You, as someone with a lot of database access, have more security permissions than just about anyone in the company. You probably have access to payroll records, financial data, company secrets, you name it. Sure, the company would like to think everything’s kept under lock and key, but developers and database administrators have the keys and they know how the locks work. Even in the most secure environments, I usually find that the staff could answer any question they feel like asking.
But we rarely do.
When I was a DBA, I felt a strange pride in knowing I could query any data whatsoever, yet I was beyond temptation. I didn’t want to know anybody else’s salaries because I believed it didn’t matter. If someone else was making more money than me, good for them and their negotiating skills. If nobody was making more than me, I shouldn’t be proud – I should be ashamed for taking more than I probably deserved. I didn’t want to see anybody else’s employee review, I didn’t want to know how much the company was making, and I didn’t want to see confidential data.
I’ll confess, though, since it’s just the two of us here – at a former company, when our sysadmins stumbled across a cache of videos on the file server, I stood around and watched with the rest of the IT team. We played an employee’s videos of their trip to Russia in search of a mail order bride, and my mind is permanently scarred by the memory of that employee sitting in a hot tub auditioning a prospective wife. It’d be one thing if these videos were in the employee’s private home directory, but these were shared with his entire department! We called HR, and oddly, the guy kept his job. He must have had more incriminating videos of other folks.
I’ll also confess that in the 2000s, while I lived in Houston, there were only two companies I ever aspired to work for: Arthur Anderson and Enron. Oh, how I longed to work in the beautiful architecture of the downtown Enron complex, but the Enron scandal brought both companies down in a flaming mess, almost before the buildings were ready. I counted my odd blessings that I hadn’t been admitted entry into those doomed businesses. However, what if I had? What if I’d gone to work for either company, and I suspected shady dealings? Would I have had the foresight, guts, and security permissions to make database queries to find out what was going on behind the scenes?
My guess is no – I’d never dream of writing a query to get data I’m not supposed to access in my daily job. Why is that, and what’s stopping you?