Hi everyone,
I’m facing a challenging situation at work and could use some advice. I work as an IT support specialist at a family-owned health business, and my boss has repeatedly refused to upgrade an outdated Windows 7 system despite significant security risks and operational issues. The system is no longer supported by Microsoft, is vulnerable to serious exploits, frequently crashes, and has outdated BIOS firmware.
I’ve asked my boss multiple times over the past two months to upgrade the system, but he has consistently refused, insisting that we have enough security measures in place. However, I’m not confident in these security measures, as the system is connected to the internet and it can literally be hacked by a exploit within the operating system, potentially bypassing all of our firewalls. (e.g. EternalBlue, BlueKeep)
I’ve prepared a new desktop with Windows 10 as a backup, ready to be deployed if the current system fails. I’ve also laid out a plan that would cause minimal disruption, allowing the employee who uses this system to temporarily use the software on his laptop while we make the switch. Despite this, my boss still refuses and has become visibly frustrated with my repeated requests. I’m worried about getting fired for taking the initiative to address this critical issue. The employee has been asking for a new system for the last 2 months.
The Windows 7 system connects to our main server to access a specific piece of software via the web browser. We host it locally, the software basically tracks all the equipment/infrastructure around the warehouse. It would be a straightforward replacement, but my boss’s resistance and erratic behavior make it difficult to move forward.
I’m considering talking directly to the owners about this issue, as my boss’s refusal puts our operations at risk, but I’m concerned about potential repercussions. I want to ensure I handle this professionally and protect myself from any blame if a security breach occurs.
Most of my requests have been verbal, and an email I sent to my boss about upgrading was never responded to. I’m looking for advice on whether I should discuss this with the owners directly, the potential risks and benefits of taking this step, and how I can best document my efforts to protect myself. I definitely feel like I’m going to be used as a scapegoat. I’m also planning on seeking employment elsewhere after I get my Network+. This is my first IT job, I’ve only been working here 3 months and I already want to leave.
I appreciate any advice or experiences you can share. Thank you!
You need a new job.
Should I start searching now or wait until I get my Network+? I have my A+ right now, but I’m probably not going to get my Network+ until 3 months later. I have 3 months on the job here so far, I’m 20 years old and get paid $55k/year.
Counterpoint - almost all jobs will have elements of this type of stressful fuckery. Use it as a learning experience, and do your best to navigate the constraints while maintaining professionalism and value to your employer.
It’s a balance; if it’s truly soul destroying then your health and happiness is more important, get out. However, the more you learn how to deal with this, the less likely you are to burn out in other jobs when they get shit like this. Not so that you can just suck it up and grind away for awful bosses, but so that you can give yourself the maximum options for you, and stress less while going through it.
You already seem to have the right mindset about trying to do this right, so the one thing I’ll say is this: everything in writing, straight away. It’s easy to get too relaxed about this when it’s all going smoothly, but then something catches you out and it’s too late (eg already been told not to bring it up again).
This part will feel awkward, but to protect yourself, you need to send your boss an email summarising your conversation and your understanding of the outcome (not updating). Frame it as a “I hear you, and I apologise for my previous insistence” if it helps smooth things over, but just make sure it outlines your previous queries and suggestions and their response to you. It’s the only way to cover your own butt in these situations, and it’s a great habit to get into after every conversation that has decisions or changes etc. Put it in writing as a summary: you can refer back to it later and it let’s the other person know you understood their position / instruction
deleted by creator
Not my field and i don’t know anything about this. But it’s clearly a stupid job that’s going to fuck you up.
You’ll quickly learn that money isnt everything. The stress of this nonsense will eventually kill your work ethics. Start looking now.
See what you can get by putting some subtle feelers out. Talk to a recruiter or two. Best time to search for a job is while you have one, but you don’t have to commit to it full time unless shit really hits the fan. You’re more likely to get written up than fired initially anyway if he’s not the owner, erratic or not he has to answer for that.
Continue working towards whatever certifications you want in the meantime, especially if the job pays/reimburses you for it.
Start looking now. Tell prospective employers that you’re working on the certification and include it in your CV (as a work in progress, ofc). Job searches take a long time, and the sooner you start, the sooner you’re out.
Edit: @MrBobDobalina@lemmy.ml has exactly the correct approach for getting it in writing. Keep it professional, emotionless, as close to an accurate summary of the situation and the decisions made as possible.