Data Analyst Maliciously Complies After Not Getting Direct Access To The Database They Need For Their Job
Sometimes companies have rules that just don’t make sense and they actually prevent people from doing their jobs. No one knows why they exist and why they’re not changed so the only options that are left are to just accept it or abuse it to the point where the authorities will see how problematic it is.
The latter is what Reddit user node_of_ranvier did when they were denied access to a database. They couldn’t use it directly, only by submitting a ticket to request the information they needed. That took too long and stopped processes that needed to proceed, so the Redditor spammed the IT workers with tickets to achieve the goal of having access to the database.
More info: Reddit
A data analyst shared how they submitted hundreds of tickets to IT to make the head of IT want to give them access to the database
Image credits: Andre Charland (not the actual photo)
This is a longer story, but it’s definitely worth reading. If you go through the comments, people are amazed and fascinated at this malicious compliance that is a textbook example of seemingly innocent maliciousness and getting things done your way in the end.
So the Original Poster (OP) tells a story that occurred in 2018 when they worked as a data analyst at an ed-tech company. If it’s your first time hearing about educational technology, it’s essentially combining IT tools with educational theory to make the learning process easier and more efficient.
Image credits: node_of_ranvier
The Redditor made a report that helped the sales team to convince clients to renew their contracts
Image credits: node_of_ranvier
The company sold products and to prove to the clients that the products were well used, the OP thought that it would be a good idea to create reports about it to clients whose contacts were coming to an end. Then the sales team would have solid arguments why the clients should continue working with the company.
The reports were well liked and the biggest client was convinced to renew their contract, which was great news for the company. Not only that, the report was seen as such a good idea that the OP was asked to do them for all of the 5,000+ clients they had.
Image credits: node_of_ranvier
Now the OP had to do those reports for all their 5,000+ clients, but the problem was, they didn’t have access to the database and they were not granted it when asked
Image credits: node_of_ranvier
The Redditor node_of_ranvier started working on automating the process to make it more time-efficient, but the problem was that they needed information from the database, but they worked in the Research department, which didn’t have access to it.
They had to submit a ticket to the IT team instead and with 1 ticket, they could only submit 1 client’s name. On top of that, the IT department did their work in 2-week sprints, meaning that they would get back to you with the information you needed only after 2-4 weeks, which wasn’t great as the OP had to cooperate with the sales team, who didn’t plan that much ahead.
Image credits: node_of_ranvier
So the employee asked a list of clients who were due to renew their contracts and decided to submit the requests all at once
Image credits: node_of_ranvier
The logical thing to do here was just get direct access to the database so the data analyst could just take the information they needed by themselves immediately. However, their request was immediately denied because only the IT team could access the database and the OP had to use the ticket system.
So a malicious thought came into the OP’s head. They went to one of the sales managers to ask which clients would have to renew their contracts in the nearest 2-4 weeks and got a list of about 400 clients.
Image credits: node_of_ranvier
The IT team were struggling to keep up, but they took care of all the tickets, even if that meant they were working overtime
Image credits: node_of_ranvier
What is important to note here is that the IT team plans their work one day before a new sprint begins and they have to resolve all the tickets they receive on that day during the next sprint, no matter how many tickets they get.
The OP knew that and found out when the new sprint should have begun. They waited until that day, calculated how long it would take to submit all those tickets, and spent all that day spamming IT with their requests.
Image credits: node_of_ranvier
A fun fact for the OP and not so fun for the IT team is that when someone submitted a ticket, the IT workers would get a push notification and when they were getting tickets every minute, that must have been frustrating.
But the IT team was doing their job and the OP was getting all the data they needed. The Redditor admitted that they were impressed with the job IT was doing and saw that they were working after hours too, just to keep up with the workload.
Image credits: node_of_ranvier
When the OP wanted to repeat the same thing the next time, they were interrupted by a worried head of IT who at last granted them access to the database
Image credits: node_of_ranvier
But the day before the next sprint, node_of_ranvier did the same thing: they went to the sales manager, requested a list of clients who were nearing the renewal of their contracts, and started submitting the tickets.
This time, after an hour of doing that, the head of IT came to the research department and asked how many tickets they would be submitting this time. The Redditor exaggerated a bit, saying it was going to be the same amount as the last time, and they claim they saw how the head of IT broke inside.
Image credits: node_of_ranvier
The OP didn’t want IT to be overworked or stressed about all these tickets, they just wanted to be able to do their job well and in time, so they didn’t continue with the tickets and asked again if they could have access to the database. This time the people in charge realized why the data analyst wanted access in the first place and gave them all the authorizations they needed.
So, if you came to the end of the story, was it satisfying for you to know that the OP got what they wanted? It was quite a genius plan and nobody could say they were trying to spam the IT team because they were just doing their job as best as they could in the given circumstances. What are your thoughts on this? Let us know in the comments!
People in the comments admired the malicious compliance and applauded the OP for getting what they intended to reach
Image credits: __hotdogwater__
Image credits: mysteresc
Image credits: Eagleheardt
Image credits: nictheman123
Image credits: CoderJoe1
Image credits: fullmetalguy
Image credits: alumpoflard
33Kviews
Share on Facebook
Does anyone here actually read all the text in between the stuff cut from Reddit? I don't know why these always have someone explaining what is already evident in the original text
It's so they can say that BP has original content ;-)
Load More Replies...
Working in IT, I can see why the IT team would not want to let someone from another department have direct access to the database. They could have made their lives a lot easier though by directly linking the database to the researcher's report system so he could automatically generate the reports on request.
I first read the headline and my hackles went up - there are myriad excellent reasons not to just give someone (even a data analyst who knows their way around MSSQL) access to a database. But access comes at many levels, and unless you believe your analyst is going to take the data and manipulate it so it no longer resembles what is held in the database (e.g. gives the impression that the database holds a less than representative sample of customers or whatever), there's this little thing called read-only. Can't do any damage to the data or the code, but can extract data to their hearts content. Depending on how they've set up the database, there are also plenty of front end GUIs designed to allow access to database backends for user-created queries. Really, and I'm not one to diss IT, but they really made it hard for themselves with this policy.
I reckon they running reports off a transactional system, with 400 users that's a lot of page reads and a fair bit of index management. They should be warehousing it and reporting from there, it takes the load off the transactional system. But then the company sounds a bit 541t tbh.
Load More Replies...
Does anyone here actually read all the text in between the stuff cut from Reddit? I don't know why these always have someone explaining what is already evident in the original text
It's so they can say that BP has original content ;-)
Load More Replies... Working in IT, I can see why the IT team would not want to let someone from another department have direct access to the database. They could have made their lives a lot easier though by directly linking the database to the researcher's report system so he could automatically generate the reports on request.
I first read the headline and my hackles went up - there are myriad excellent reasons not to just give someone (even a data analyst who knows their way around MSSQL) access to a database. But access comes at many levels, and unless you believe your analyst is going to take the data and manipulate it so it no longer resembles what is held in the database (e.g. gives the impression that the database holds a less than representative sample of customers or whatever), there's this little thing called read-only. Can't do any damage to the data or the code, but can extract data to their hearts content. Depending on how they've set up the database, there are also plenty of front end GUIs designed to allow access to database backends for user-created queries. Really, and I'm not one to diss IT, but they really made it hard for themselves with this policy.
I reckon they running reports off a transactional system, with 400 users that's a lot of page reads and a fair bit of index management. They should be warehousing it and reporting from there, it takes the load off the transactional system. But then the company sounds a bit 541t tbh.
Load More Replies...
133
36