Comment by johnnyanmac
8 hours ago
>No amount of beating low level employees will change whether they can accept pdf sent by email or not.
I disagree. I'm sorry Karen here needs to bear the brunt, but if this kept up, at some point Karen's boss will take notice, And then it moves up the chain to someone who can affect that policy.
Companies purposefully set us up to communicate bottom-up, so we can either play the game or break the law.
>People who are responsible for overreaching unreasonable security rules ... are basically us
No, it'd be a policy maker or CEO who thinks we're in the 90's and that secure email documentation isn't a thing. "We" could suggest so many ways to handle it that would save costs while being more secure. We're not much higher on the totem pole than Karen.
Yet suddenly, we get these incidents and our bosses are suddenly rushing to IT to find a solution. As if 6 months of deliberation wasn't enough.
> I'm sorry Karen here needs to bear the brunt, but if this kept up, at some point Karen's boss will take notice, And then it moves up the chain to someone who can affect that policy.
That’s a hilarious fantasy you have here.
I sorta feel there's as much fantasy on the other side. The situation as is—the concrete one we're discussing here—exists. You're voting for a version where this person doesn't complain through the methods designed for it and instead writes to the CEO or something and has things fixed that way. Or possibly just doesn't complain about being screwed at all.
The system is largely bad. That's mostly agreed by each side. I feel like what you're asking for—to treat others as humans—is right and yet only going in one direction. There's a disagreement between the company and the customer and instead of showing up the company disingenuously gives you an unrelated powerless person to speak to. The expectation is that you shouldn't count them as the company, you count them as a human—and you're supposed to do that _because_ the company underpays them and gives them no power.
If the author didn't abuse the fax, why would anyone notice the process was broken. It's only by abusing the existing process that change will be triggered.
You see this all the time in cybersecurity. Nobody cares until there's a breach. Nobody would care if he faxed 25 pages and mildly inconvenienced Karen, but by faxing 500 pages and inconveniencing the whole office, it's going to start something. Even if it takes them another 5 years to fix the process, it's a start.
Realistically, the change will probably be "no more than 25 pages of evidence required". But that's also a win for the person being asked for it.
I'm open to options. Not doomerism "the system can't be fixed" mentality. I don't like to think of myself as combative. Ideally we get listened to in council and they properly pull what strings are needed to help.
But this has been my reality. Employees can evangelize for months for better security, but then a (very avoidable) hack happens and suddenly the budget for it appears out of thin air. Being a nuisance (or letting nature take its course, in the perspective of an employee) is much more powerful to these kinds of organizations than words.
> But this has been my reality. Employees can evangelize for months for better security, but then a (very avoidable) hack happens and suddenly the budget for it appears out of thin air.
So your lived experience indicates that harassing front-line low-level employees about it does not work because they won't be listened to. Why, then, are you advocating for harassing front-line low-level employees?
Go for the people who can actually set policy: ministers, representatives, council, agency boards, managers. When you call, rather than take it out on the employee request to be transferred up.
And even if you don't have the energy to keep fighting after your own case has been fixed (a very common remedy when it's usually much easier to grease the squeaky wheel than to actually fix the axle), try to leave information on your process and contact points in accessible locations so that those afterwards can start a step or two ahead.
1 reply →