• superkret@feddit.org
    link
    fedilink
    arrow-up
    26
    ·
    edit-2
    5 months ago

    A company making signage and signal lights for road construction, with 15 employees. Their former IT guy had switched all of their PC’s to Linux for ideological reasons and to save money.
    Then they found out that they had a long term contract for an accounting software that housed all their customer and billing data, only ran on Windows and required a server-client model.

    So they hauled in the boss’s private laptop which ran Windows 7, and installed both the server role, database and client software on it. When his employees needed to access the accounting software, the boss had to stop what he was doing and grant them full access to his laptop via teamviewer. When the boss’s laptop was off or he was on vacation, there was no way to access any price info, customer contact info, or financial data (This was during Covid when everyone was working from home).

    The laptop was set up to back up (using Windows 7’s integrated backup tool) to an external drive which wasn’t attached and no one remembered ever existing.

    The Linux server (which was actually a gaming PC) was running and attached to an MCU when my company surveyed their infrastructure, but no one (including the former IT guy) knew the correct root password, and we never found out what it was even doing.

      • superkret@feddit.org
        link
        fedilink
        arrow-up
        11
        ·
        5 months ago

        I had another customer who wrote down all passwords to everything in an unprotected Excel sheet and uploaded it to OneDrive, with the comany’s single, shared Microsoft login being admin@companyname.onmicrosoft.com . The password was companyname in lower case letters with no 2FA.

        And another one who had their server in a shared office that was inside the owner’s privately owned apartment building. During the Christmas holidays, the owner turned off the heating for the office to save money, which crashed the server when temperatures dropped below freezing inside the room.

        Small business IT is wild. It’s one of the main reasons I quit my job at that small MSP and switched to a larger company’s internal IT.