Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

This is how to fail Expand / Collapse
Author
Message
Posted Monday, December 16, 2013 9:59 PM


Ten Centuries

Ten CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen Centuries

Group: General Forum Members
Last Login: Tuesday, November 11, 2014 9:07 PM
Points: 1,046, Visits: 2,738
Comments posted to this topic are about the item This is how to fail



Tim Mitchell, SQL Server MVP
Independent Business Intelligence Consultant
www.TimMitchell.net
@Tim_Mitchell

Post #1523522
Posted Tuesday, December 17, 2013 4:58 AM


UDP Broadcaster

UDP BroadcasterUDP BroadcasterUDP BroadcasterUDP BroadcasterUDP BroadcasterUDP BroadcasterUDP BroadcasterUDP Broadcaster

Group: General Forum Members
Last Login: Today @ 6:06 AM
Points: 1,475, Visits: 8,465
Couldn't agree more - how you handle the failure can become more important than the failure itself.

I've let my subscription to Adobe expire because of the way they handled their hacking event. I had a letter from them, explaining what had happened several weeks after I read about it on the BBC news site. Within a day of seeing that news article I had changed my login details, card details and then waited for more information from Adobe.
One short email from them after a few days and a letter weeks after that.
No details on what they're doing to rectify the fault, just another email to let me know my subscription isn't working - damned right, they aren't getting my card details again.

Fortunately I was only using a small percentage of their software and have replaced the functionality with other software packages that don't require my financial details.

Own up, keep everyone informed and fix it.


BrainDonor
Linkedin
Blog Site
Post #1523607
Posted Tuesday, December 17, 2013 8:15 AM
Mr or Mrs. 500

Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500

Group: General Forum Members
Last Login: Today @ 3:17 PM
Points: 592, Visits: 7,009
Seems like the Buffer team did a great job indeed with their situation. I'm honestly surprised to see a company own up to a breach and try so extensively to keep its users updated as things progress!

My roommates and I play a certain online game that was hacked earlier this year; it was through a SQL injection vulnerability, painfully enough. Thousands of accounts were breached, and quite a large amount of credit card information was taken. The disappointing part, though, was how the situation was handled; several high-ranking player accounts were stolen first, and the hackers posted rather unflattering messages on the game's forums using them.

Rather than admit what was happening, and tell the users to remove their credit card data from the system, the company just said that a few "lucky guesses" of passwords had happened, and nothing more. Meanwhile, more accounts and credit cards were stolen. Finally, two weeks after the breaches started, they admitted that they'd been disrupted quite severely, and advised everyone to change their passwords while they fixed the vulnerability.

I'd have to say that was one of the shoddiest responses I've ever seen to account theft. When something like this goes wrong, you drop everything and fix it now. Pretending like there isn't a very real and very major problem happening is the worst thing you can do!




-
Post #1523717
Posted Tuesday, December 17, 2013 8:58 AM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: General Forum Members
Last Login: Today @ 3:36 PM
Points: 35,531, Visits: 32,114
In my very humble opinion, Mr. Joel Gascoigne handled things absolutely perfectly. Even though I don't use Buffer, the man and the company he represents have earned an incredible amount of respect from me. Very well done, Mr. Gascoigne.

It's a real shame that more people don't take such ownership problems in the world of IT. There are a quite a few companies that I've had to deal with in the past that haven't taken such ownership and I refuse to deal with them anymore even those that are "the only show in town".

Now, if we could just get politicians and other public servants to take the same ownership. No, not holding my breath for that one.

Shifting gears, outstanding article, Mr. Mitchell. It's a rare thing that people recognize such failures as the awesome success that they actually are.


--Jeff Moden
"RBAR is pronounced "ree-bar" and is a "Modenism" for "Row-By-Agonizing-Row".

First step towards the paradigm shift of writing Set Based code:
Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column."

(play on words) "Just because you CAN do something in T-SQL, doesn't mean you SHOULDN'T." --22 Aug 2013

Helpful Links:
How to post code problems
How to post performance problems
Post #1523744
Posted Wednesday, December 18, 2013 11:48 AM


SSCoach

SSCoachSSCoachSSCoachSSCoachSSCoachSSCoachSSCoachSSCoachSSCoachSSCoachSSCoach

Group: General Forum Members
Last Login: Today @ 3:37 PM
Points: 17,940, Visits: 15,928
Failures will come. How we address those failures is often as much of the story as the failure itself. Fail the right way.


Thanks Tim.

Good writeup.

I agree with the premise. This is a principle that I have tried to teach those I mentor. If a problem arises - communicate about it and own the issue. Get it resolved and communicate some more.




Jason AKA CirqueDeSQLeil
I have given a name to my pain...
MCM SQL Server, MVP


SQL RNNR

Posting Performance Based Questions - Gail Shaw
Post #1524276
Posted Wednesday, December 18, 2013 2:01 PM


SSChasing Mays

SSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing Mays

Group: General Forum Members
Last Login: Tuesday, September 23, 2014 7:42 PM
Points: 635, Visits: 2,215
I'm a participant on another website as both an "common" poster as well as having an elevated adviser position. The senior admin on the site has drilled into all of the advisers and moderators this idea: "Oops is not a four letter word."

There are a few things that are life and death for humans on a website. And most technical issues are not. This view has served us and the askers well over the years. He does expect you to take responsibility, and do your best to correct it, and avoid a repeat. At the same time you typically won't be shot for it.

It sounds like the CEO has this attitude as well. Fix it as best and as fast as possible. Take the hit, and do your best to move on. This sounds like the Swiss cheese type set of errors. On bad programming issue didn't left a minor dent like a piece of Swiss cheese. But stack the Swiss cheese the right way and it leaves a hole that can cause damage to happen.




----------------
Jim P.

A little bit of this and a little byte of that can cause bloatware.
Post #1524353
Posted Monday, December 23, 2013 8:05 AM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Today @ 12:23 PM
Points: 5,734, Visits: 3,644
Well, well. That explains why I started receiving email to an email account setup for communications solely with Adobe. I Tweeted Adobe and was ignored. I had missed this hack as a news item and heard nothing from any Adobe communication channel. Obviously, Adobe is a company I no longer trust.

Hats off to Joel Gascoigne. Now that is a style of management I can put faith in.


Gaz

-- Stop your grinnin' and drop your linen...they're everywhere!!!
Post #1525552
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse