New entrepreneurs don’t realize that a falling out with a technical resource is potentially one of the most dangerous times for their fledgling business. I have talked to entrepreneurs who have lost their websites, their customer lists, their emails and even their bank accounts.
If this happens to you, you will waste weeks or months scrambling to regain control, and in some situation you never may again. Fortunately, avoiding this situation is very easy, if you just know a few simple tips.
1) Your domain name:
You register your domain name with a company called a registrar. The registrar lets you setup different contacts for the administrator (the owner) and technical contact (the techie).
It’s vital that your techie set you up as the administrator, and not themselves (which unfortunately happens to a lot of entrpreneurs because they don’t know to ask). If your techie is the administrator, and you have a falling out, they will own your domain name…even if you paid for it. And they will have every legal right to ransom it back to you, keep it for themselves or even sell it to a competitor, and you’ll have absolutely no recourse.
So make sure you tell them to make you the administrator, and then verify afterwards that they did what you instructed. To confirm, just go to a WHOIS site like http://www.networksolutions.com/whois/index.jsp . Type in your domain name and you can verify the official record. If something is wrong, immediately call your registrar to get it corrected.
2) Your hosting provider:
Once your website is coded, a company called a hosting provider stores your website on its server and allows it to be seen on the internet.
Unfortunately this is also an area where many naïve entrepreneurs lose control. There is also an administrator on this account, and if you are not it and you have falling out, your techie can take control of your website. You might be able to take the expensive and time consuming step of suing them to get it back. But even if you succeed it will be slow, and they will have plenty of time to deface it, destroy it or give it away to a competitor.
So after your techie sets it up, you need to call your hosting provider and verify that you are the administrator and not your techie. Specifically ask them what protection features they offer to safeguard against a rogue techie. They should tell you how to ensure your techie has a subaccount with minimum permissions. If they don’t have any protections, then switch to a provider that does.
3) Minimum permissions:
This applies not just to your hosting provider sub-account, but any account you give your techie access to (gmail, secure certificate account, etc). You need to make 100% sure they have all the permissions on the account to do what they need, but not a bit more. This is called the concept of “minimum permissions”. If you are unsure how to do this, then contact the provider of that account and ask them how to set this up.
4) Unique passwords:
Many people hate passwords and use the same one they’ve memorized for all their accounts. If you do this, you may think you’re being smart, but you are actually playing with fire. Once you give access to your techie on any of the accounts (or they guess it), then they will have access to everything. As an example, one entrepreneur gave a techie the login to their gmail account, and didn’t think about the fact that it was the same password as their bank account. After the falling out, he was shocked to find that not only were all his email deleted but his bank account was cleared out. Don’t put people into a situation where you tempt someone to do something horribly wrong. Protect all your accounts with unique passwords.
The best way to do this is to have a master document where you store all your password. Of course, you should protect this document like you do your passwords: hide it someplace non obvious, encrypt it in case it falls into the wrong hands and have a backup somewhere. If the information is particularly sensitive or involves very large sums of money, it is worth it to invest in a safety deposit box.
5) Kill Access ASAP:
If you get into a disagreement with your techie and are forced to fire them, many people might look for a stiff drink or call their significant other to tell them what happened. Those are all fine things to do, but before you do that, the first thing you should do is immediately close every account the techie had access to (or at the least change the passwords).
One company fired a particularly bad employee and neglected to follow this rule. The techie logged into the system after hours, copied personally embarrassing emails on the company server and then distributed them to the public. At another company, the techie remotely grabbed their customer list and took them to a competitor, which helped him procure a job there. You don’t want this to happen to you, so kill access ASAP.
