When that didn’t work, he pounded on the doors and walls and shouted threats at the staff.
They were astoundingly lucky.īob tried to kick the ward’s doors open. Second, one of the obstetrics nurses saw Bob coming and locked the ward doors before he could barge in and threaten the pregnant women waiting to be seen. The OB/GYN ward was doubly fortunate: first, Bob didn’t bring any weapons with him. He simply drove on post, parked in front of the headquarters suite, strolled through the front door, and stormed back to his former ward to raise hell.
True to form, Bob came back the day demanding his job back. The fired employee – let’s call him “Bob” – strangely didn’t stop being a disruptive, rule-breaking, confrontational jerk after he was fired (I know, right?!). This naïve thinking turned out to be predictably wrong. Who thought we’d need rent-a-cops in a military hospital? The place was crawling with squaddies no one would ever cause trouble. Similarly, the hospital’s doors weren’t locked during the day and there were no security guards on staff. There were no gate guards checking IDs or turning away unauthorized civilians. The installation was an “open base” meaning anyone could simply drive in or off it on a whim. Unfortunately for everyone, the was the pre-9/11 military. The OB/GYN chief insisted that she’d followed the discipline process, including counselling, admonition, a performance improvement plan, suspension, and finally termination as a last resort (as you do). The pink-slipped fellow had (we were later told) been disruptive and abusive in the workplace. Joe’s situation came to a head one day when the chief of the Obstetrics and Gynaecology ward fired a disruptive civilian employee for cause. He was as superfluous as you could get and still anchor a position on the org chart. 90% of his “job” consisted of attending meetings and filing reports. Joe had no budget, no equipment, and no authority to make or enforce policy. Where I supervised a staff of ten, the hospital’s “security” office consisted of Joe nd one enlisted clerk. Joe’s situation was the complete opposite of mine. Back then, only a few arrogant jackwagons – almost always doctors or pilots – felt they were entitled to argue with me about my area of expertise. I was given my own budget, was trusted to make technical architecture decisions, and was generally left alone so long as the core IT services remained available.
The biggest difference between our roles came down to “authority.” As a head of IT in the nineties, very few people in the hospital understood computers or networks enough to gainsay my decisions. The Army was suffering from one of its periodic manpower purges which allowed young bucks like me and Joe to get choice postings 5-10 years before we should’ve been eligible for them. We were both young first lieutenants, performing jobs that would normally be assigned to a senior captain or a major. I watched a great example of the latter play out back in the nineties at a military hospital. That way you’re always right but will never be around to take the blame when things inevitably go pear-shaped. It’s often joked inside our community that the only way to “win” at cybersecurity is to be a consultant: that is, get paid to give good suggestions to indifferent clients that will never be implemented. You bust your tail trying to outguess and outmanoeuvre your adversaries, then take hell from your business partners for either being too restrictive (by implementing effective controls) or for being ineffective (by accommodating the business’s refusal to implement effective controls). Security is often a thankless profession.