The unusual story of Jim Kubicek, an IT consultant and business owner in Cumming, Georgia captured my attention recently. Due to a disagreement with the Cumming-Forsyth County Chamber of Commerce having unpaid bills, Jim’s company KIT cut off its services. What followed was the local Sheriff charging Jim with “theft by extortion”, “computer theft”, and “computer trespass”. All of these felonies could conceivably see Jim spending 45 years in jail. Incredibly, this is a small town with a population of 5,613, so I’d expect people like Jim are known to a large number of people in his local area. This is becoming a far-too-common cautionary tale we can learn from.
By all accounts, KIT has a good standing as a company. Their website is slick and clear. The company enjoys an A+ Better Business Bureau rating, and they’ve even won a local “Best of Forsyth” award this year for Best Computer Repair. By any outward metric that I can see anyway, this business seems like a sound and responsible IT consulting firm. In fact, this even seems like a misunderstanding that spiralled out of control. Kubicek has even taken his story to a crowdfunding site to raise funds for legal fees. The last time I checked it was almost at $2,200. He seems to believe he’s innocent and appears to be fighting the charges.
So, a client agrees to a contract with the IT consulting firm. The IT Consulting firm is then paying Microsoft for a cloud-based service and charging the client. If the client discontinues payment to the IT firm, should the IT firm continue to pay Microsoft for its services? Were there provisions in the contract for this network of connections and payments between the client and IT Consulting firm? We may never know, but as smaller IT companies strive to become more like MSPs (a current buzzword), this connective tissue can really exaggerate client-firm relationship issues.
In another scenario, a fired system administrator decides to delete important system files and reboot his employer’s servers. Naturally, chaos ensues and this person is looking at up to 10 years in prison and a $250,000 fine. In Massachusetts, in another case the former administrator accused of planting a “time bomb” on machines in order to delete crucial data. Expect this to also go to trial with possible jail-time and fines at stake.
It seems like these stories are becoming more commonplace. What are the lessons here? A multitude.
First and foremost, as an I.T. consultant, your customer’s data is a sacred cow. Even indirect effects on the continuity of this data can land you in hot water. Access to this data should never be held back from a client. Your work should be to protect this data; information you don’t own. If you support a client, always make sure they have ready access to all information, even if you aren’t around. Since many clients lack the technical acumen to understand, be sure that even the appearance of “pay for access” is impossible.
If you are a client, be informed. Every single charge brought against Jim in the above case may have been avoided with an engaged customer. Get the information you require upfront. Negotiate contracts so they can be severed. Learn to understand what you’re getting. If you don’t understand, learn. If your support firm won’t help you, respectfully move on or continue the pressure. Don’t just stop paying a contract you’ve agreed to. Be aboveboard about your misgivings and/or bringing in other help (if it comes to that).
As it has become de rigueur for individuals to leave large companies and create self-made MSP firms, many companies are learning they can outsource to save money. While this is often a sound approach, this can lead to serious problems when one or both parties start cutting corners or leaving important details out.