I was having a conversation with my 14-year-old grandson Thomas the other day. He was telling me that is signed up to take a programming class in school next term and sees a future career in technology. He loves playing video games, so maybe developing them would be a good choice. He also was thinking about being an “IT guy” because of certain things an IT guy can do.

I was curious about what he thought working in IT involved since most of his knowledge was probably from movies. The first scenario he came up with involved getting fired so that the company could hire someone else for less money to do the same job. It wouldn’t be long before they begged the IT guy to come back – at 20 times the old salary – since no one else could do the job.

As exciting as this fantasy sounded to young Thomas, keeping knowledge to oneself to improve job security is a bad idea. Too much job security due to hoarding knowledge means that you cannot easily take time off and never fully disconnect from the job. Documentation, automation, run books, and cross-training should be the norm.

The second fantasy scenario involved the sabotaging the company so that data and systems would be lost if IT guy was ever let go. Thomas imagined that said company was actually corrupt and doing lots of evil things. Once an investigation uncovered the misdeeds, IT guy would be a hero for taking down the company.

As exciting as that scenario sounded to young Thomas, schemes like this are criminal regardless of the wholesomeness of the targeted organization. In my opinion, anyone with intentions of hurting a company through these means doesn’t deserve the job, and IT professionals should use their powers for good and not evil

Of course, organizations should have controls in place, such as separation of duties, auditing, encryption, and well-defined policies and procedures to prevent internal attacks.

I would love for Thomas to become interested in a technology career, and I’m sure his expectations will change by then.