Its an old adage and it rings true everyday in technology. Technology executives and management today in many cases are forced to reduce the cost of their budget to the overall business. In reducing expenses it is commonplace to hire junior resources to reduce the IT employee expense portfolio. In addition many jobs are temporary in nature over the course of a business year and contract staff is hired to fill them, in essence to not have to hire and fire permanent employees.
In hiring these contract staff members for temporary assignments, companies seek to reduce cost by hiring more junior contractors. This makes total sense when looking at only salary expenses. But what is often overlooked is the issues caused by lack of experience and one such incident this weekend reminded me of this.
What happened?
A contractor for a large payment processing company made a simple mistake, he replied to an email instead of creating a new one. The bad news is his response had personal credit card transactions in it and he replied to all of the customers that were copied on the standard maintenance email, which was several hundred people. To his credit he tried to recall the message a few minutes later, but it was to late.
What made it worse?
The customer impacted replied, to all, with their frustration about the information being broadcast to all parties and to the fact that following this contractors name were the words “Non-Employee”. Clearly these actions were out of the control of the contractor but made the issue worse. And then several other customers replied to all asking questions if their data had been comprised. A bad problem just got real ugly really fast. I’m sure they may have legal concerns and issues to sort out with this issue not to mention the customer confidence that was destroyed.
How to prevent things like this?
There is no good answer to this honestly. Mistakes do happen so instead of trying to list ways this problem could have been prevented, I want to discuss ways that if it occurred how the impact could have been reduced.
1. Never send sensitive information directly in email – instead send a link to the information in an internal only file share, hence if the email does goes out the information is not accessible to external parties.
2. Strike first – communicate the issue to the affected parties and the path to resolution. The company did but only after several customers replied all to the message making the problem even bigger.
3. Training or experience of resources – make sure the process of validation of tasks is well documented for junior staff if they are key in customer communication.
Recent Comments