The Wrong Risk

Last week I put in a formal request at the day job for a new Mac, as the one I'm using is a personal device and does not have the necessary internals required to keep up with 20% of my tasks this year, and roughly 50% of my tasks next year. I was torn between requesting an iMac and a 15" MacBook Pro, given that I tend to do all of my work from home. Portability is unimportant and, for those rare days when I'm called up to Tokyo or sent overseas for meetings, I could bring my 13" notebook. In the end it was decided for me that a MacBook Pro would be the way to go, outfitted with 32GB RAM and a 512GB SSD. Before the request could be submitted, I needed to provide a list of software that I use on a regular basis in order to show why I was requesting an Apple device rather than a company-standard Dell. Xcode was the star of the show on that document, along with Pixelmator, Automator, and Sequel Pro1 Paperwork completed, I sat back to let management do what management does.

This is when things became interesting.

Apparently one of the managers who I have regularly and openly argued with over the years took offence to my request for a $3,400 computer when a "perfectly good" $3,800 Dell could be ordered, pending approval from the company president2. The argument was that, because the company's system management software didn't run on macOS, the company couldn't adequately manage the device remotely. This was quickly shot down as a justification thanks to the hundreds of unmanaged Windows-powered Dells that continue to circulate throughout the organization. Not willing to give up, the next argument was that the support staff in IT didn't have the requisite knowledge to configure and maintain a Mac, so one couldn't be ordered. This, too, was shot down quickly by pointing to an order for a replacement iMac that would be used by someone at HQ. But then came the argument that would apparently solidify the attempted veto of my hardware request: I have too much access to the corporate databases, making me a risk to the company. Therefore, I should not get a Mac but, instead, a very locked down Windows 10 machine that would monitor everything I did and send a detailed summary of my activities every hour.

I had to laugh.

Yes, I do have a great deal of access to company data. I have access to a lot of databases for schools around the globe3, all of which contain information that is none of my business. A leak from any of these systems would be cause for serious concern and would result in a lot of bad publicity and, potentially, lawsuits. A lot of my colleagues would find themselves out of a job, and I would likely be unemployable for the rest of my life. All of this is true. But it's also the wrong risk that any manager should prioritize for employees who have proven themselves time and again to be very aware of the responsibilities they've assumed.

A Greater Concern

Many companies succeed not because of what's in a database but because of the people who invest time and skill in the pursuit of something better. The greatest risk that I pose to my organization is not as an information thief. Selling student lists or employee passport numbers is neither interesting nor worthwhile. If people are going to worry about what damage I might cause, they need to think a little grander. They need to consider what would happen if I left to start my own business4 and took some people with me. This is the risk that I pose my employer, and it's a risk that a lot of companies have to deal with when ambitious people think "Hey, why am I playing the corporate game when four of my hard-working, intelligent colleagues and I all really want to do something else?"

Many of the successful entrepreneurs I've met over the years have the same story. They were unhappy working for someone else for whatever reason, so they left to do their own thing. Some were able to hire former co-workers after a year or two. One that I know of founded their business with two colleagues5. Given my track record, this is what people should be looking out for. Not low-brow theft6.

The manager in question, clearly having nothing better to do with their time this week, has invested quite a few of her hours — and those of her staff — by trying to find all the reasons I should not receive the hardware I requested. She's even gone so far as to investigate ways of either limiting my access to systems I am 100% responsible for or tracking everything I do that is related to the day job. The last bit I can kind of understand, despite the horse leaving the barn years ago, but the rest is just pettiness. Our history of disagreements have been documented on this site and at the day job to some detail but, at the end of the day, the risks identified are nothing even remotely close to reality.

  1. These are the core Mac-only applications that I use. The others I can find decent alternatives for if running Windows or Ubuntu.

  2. All hardware purchases over 300,000円 (about $2,800USD) must be approved by two mangers and the president. Fortunately, he and I have a pretty good relationship, so there shouldn't be any concerns in that regard.

  3. This access is all done through secured, monitored, remote desktop sessions where copy/paste has been disabled. It's a right pain in the ass, but this means the data never physically resides on my computer. Moving data from the servers to my machine would be spotted pretty easily unless I'm siphoning off a couple of kilobytes of data per hour.

  4. I've openly stated on this site that one of my goals for the near future is to be self-employed.

  5. Their managers must have been quite upset to lose not one, but three competent people at the same time.

  6. I've often said that if I do turn to a life of crime, it's going to be worthy of a Hollywood movie featuring Jason Stratham. If my line of work runs the risk of spending years in prison, it better be worth it. Have you ever wondered what might happen if a country's largest bank suddenly lost all of its money in a well-executed digital heist? I have.