Mental Exercise in Ethics

MrJimbo19MrJimbo19 Member Posts: 49 ■■□□□□□□□□
I am relatively new to this forum, I have been a silent stalker for years but just recently decided to start participating. I am glad I have as the community has been great with advice and general know how.

About a year ago I went down the path of being self employeed because of an issue I had with my former employer. I was always doing some work on the side so I was lucky that I had that to fall back on when I made the rather sudden decision to literally walk out on them in the middle of a job. Other then my immediate family I have never looked for any advice on how I dealt with the situation but I'd like to get some other IT Pro's opinion on what I saw and what I did... If you are so inclined here is my story.

I started working for the company in January of 2013, they work in a specialized field and deal with a lot small to mid size server installs and client support. I really enjoyed the work but noticed things seemed weird with the server/client installs. We as techs were never allowed to activate or register the OS's. The two owners handled that part of the job before the equipment left the office, I had thought this weird but had never worked in a support role of this type and chalked it up to them being paranoid about license keys. I started to get suspicous when I asked for a license key on a system so I could look into setting up a remote alerting process on the servers. The current process at the time was to manually check each system. they refused saying they did not have a license ready and that was the end of it.

On May 10th I was sent with 2 other techs to do an install at a clients office. We were waiting for the client to shut things down so while they were working I had a chance to finally talk with one of the other senior level techs. He mentioned to me that we needed to check the server to make sure they activated it with a "good" key. I laughed and said something like "as opposed to a bad one" and that's when I found out the company was using illegal copies of windows, office and server 2008r2. I asked the other tech a bunch of questions; How long has this been going on, Why are we billing customers for the software that is not legit, what happens when they ask for a license key or leave etc... He told me that they would just buy a copy of the OS when the problem came up and that otherwise they used the same copy for every system and just disabled activation.

I sat there thinking about why this felt so wrong and decided that I needed to speak with the owners. I called the owner that hired me and explained my concern. His response was that if I did not like it then I should leave, I said that's exactly what I would do and walked out from the job and went back to the office to turn in my immediate resignation. The following Monday they called me into the office and asked me if I would stay, I said that I would as long as they refunded the customers who they defrauded and get current on all software licenses. They asked me to leave the room and wait outside. About 20 minutes later they called me back in and said that it was a pleasure having me onboard and good luck. I walked out and have been privately consulting since.

What I am looking for from those of you brave enough to read my wall of text is the following...

- Is this common in our industry for consultants to use non-legal software?
- Was I right to walk out or should I have given more notice?
- Should I have known something was up sooner, should I have dug into the systems and looked for an issue?
- I am doing consulting while I get my butt back in school. Long term I want to get into healthcare in a hospital setting. How would you explain not being able to call the last "official" employer. I can show a copy of my resignation which says why I left but would that be "petty"?

I appreciate any insite you may have, again thanks for a great place to talk to fellow IT Pro's at.

Comments

  • deth1kdeth1k Member Posts: 312
    Can't comment on how common that is in US however I can't see why you can't put them on your CV, after all they won't give you bad reference you can guess why...? :)
  • iBrokeITiBrokeIT Member Posts: 1,318 ■■■■■■■■■□
    Wow, just wow! I mean I have heard of admins occasionally using a piece of unlicensed software in production here and there because their company is too cheap to buy it but I have never heard of a MSP passing off illegal software as legitimate software! Although both are illegal.
    MrJimbo19 wrote: »
    - Is this common in our industry for consultants to use non-legal software?

    I wouldn't say it's common but it does happen
    MrJimbo19 wrote: »
    - Was I right to walk out or should I have given more notice?

    Absolutely, I would have done the same.
    MrJimbo19 wrote: »
    - Should I have known something was up sooner, should I have dug into the systems and looked for an issue?

    Not really your place but once you learned of the issue you took the appropriate action to contact your boss and discuss it directly.
    MrJimbo19 wrote: »
    - I am doing consulting while I get my butt back in school. Long term I want to get into healthcare in a hospital setting. How would you explain not being able to call the last "official" employer. I can show a copy of my resignation which says why I left but would that be "petty"?

    I would definitely explain to the potential employer that you had moral issues with company's licensing practices and you both agree to part ways amicably.

    Additionally if I were in your situation I would contact a lawyer to have an initial consultation about the fraud committed by your employer. I would feel a moral obligation to notify their clients of the fraud committed against them but wouldn’t do so without the legal backing of lawyer due to things like NDAs.
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA | Pentest+ 
    2022: GMON | GDAT
    2023: GREM  | GSE | GCFA

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops SANS Grad Cert: Incident Response
  • bermovickbermovick Member Posts: 1,135 ■■■■□□□□□□
    99% agree with iBrokeIT. The last paragraph I don't disagree with, but I don't know if I'd do that or just walk away.
    Latest Completed: CISSP

    Current goal: Dunno
  • PlantwizPlantwiz Mod Posts: 5,057 Mod
    Why did you not just report the problem?
    https://www.microsoft.com/en-us/piracy/reporting/default.aspx


    With this much time after the fact, I guess it causes me to wonder what your motive may be at this point? Chances are, they have gone and corrected things and since you are no longer a witness, assuming any wrong doing today would be a mistake.

    I suppose legal counsel may be helpful, particularly if you have an NDA with the employer, usually employees who depart organizations report the problem immediate on departure.

    You do have some responsibility in matter if you are holding any MS certs, quitting merely allowed a blind eye to the problem, not a fix or stop.

    FWIW
    Plantwiz
    _____
    "Grammar and spelling aren't everything, but this is a forum, not a chat room. You have plenty of time to spell out the word "you", and look just a little bit smarter." by Phaideaux

    ***I'll add you can Capitalize the word 'I' to show a little respect for yourself too.

    'i' before 'e' except after 'c'.... weird?
  • MrJimbo19MrJimbo19 Member Posts: 49 ■■□□□□□□□□
    That's a valid point, I wish I could tell you some amazing reason why I did not report the problem. Reality is that I liked a lot of the people I worked with and thought that by reporting them the company would shut down and they would loose their jobs. That does not excuse my place in the problem but that was my mind set at the time.

    As for my motive, a year after that fact I feel like I have reflected enough on it at a personal level and am willing to take the criticism that will come with making a wrong choice. I asked those questions at the end of my novel above as a way to get some feedback from the tech experts and students alike. I can pretend the issue is a grey area all I want but the reality is that it is black and white, they did something illegal and I saw it happen and left rather then involve the authorities.

    Since I left I have taken a course on licensing the software in question so I better understand what is considered legal versus illegal useage.

    I appreciate the other comments as well. It's good to get feedback on the issue and see how I could (should) have done things differently.
  • IS3IS3 Member Posts: 71 ■■□□□□□□□□
    I did the same thing (left the company) when i used to work at a local computer repair shop. Every time they reformat the OS they would have me go and look in the back room to find used OS keys from old laptops to be used, and even when there is a new build they would use old keys from other PCs. Sad but it happens... icon_cry.gif
    :study:
  • PlantwizPlantwiz Mod Posts: 5,057 Mod
    So make the report now. However, with the delay in time, they very likely have corrected their practices.

    FWIW - frequently, there are fines involved and loss of endorsements, not so much as MS going in and firing people.


    As to IS3, while it is sad, it does not need to happen. It is a choice.
    Plantwiz
    _____
    "Grammar and spelling aren't everything, but this is a forum, not a chat room. You have plenty of time to spell out the word "you", and look just a little bit smarter." by Phaideaux

    ***I'll add you can Capitalize the word 'I' to show a little respect for yourself too.

    'i' before 'e' except after 'c'.... weird?
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    MrJimbo19 wrote: »
    As for my motive, a year after that fact I feel like I have reflected enough on it at a personal level and am willing to take the criticism that will come with making a wrong choice.
    If nothing, it sounds like you have experienced the shady side of business practices and well done for at least realizing that it is not only unethical but illegal. Hopefully it's a growing experience. It takes a lot of courage to just leave a job so well done that you took that stand.

    Also - aside from the Microsoft link provided by @plantwiz - reporting software piracy can be made to the industry group BSA at BSA | The Software Alliance. You can report anonymously.

    @iBrokeIT - contacting a lawyer as the first step is not really necessary. An NDA is generally not enforceable if used to protect illegal activities - especially in private sector. Additionally, I believe some states may even have whistleblower protection.
  • PlantwizPlantwiz Mod Posts: 5,057 Mod
    Yes, Paul has the better link! Thank you!
    Plantwiz
    _____
    "Grammar and spelling aren't everything, but this is a forum, not a chat room. You have plenty of time to spell out the word "you", and look just a little bit smarter." by Phaideaux

    ***I'll add you can Capitalize the word 'I' to show a little respect for yourself too.

    'i' before 'e' except after 'c'.... weird?
  • UkimokiaUkimokia Member Posts: 91 ■■□□□□□□□□
    Sort of similar story with a friend of mine who use to work at a grocery store, and after a couple years working there the managers decieded instead of actually cleaning anything like knives, meat cutters, insides of refridgerators and other stuff like that they would just spray paint everything to look and stay clean. So my friend quit, because he didn't think he was being paid enough to poison people. Come to find out from a manager at a Target it's actually fairly common for grocery stores to do that sort of things. Crazy
Sign In or Register to comment.