comment on

Handle this very carefully.

It's likely that the person that tagged your code as "insecure" manages (or is) the developer that would have been assigned to the project--meaning you may have inadvertantly triggered a turf war.

How? In my experience, companies of the size you're talking about plan projects long before code gets written. They allocate resources, draw up specifications, etc. and so on. It's weird, but it's easier to get a $300,000 project approved than a $3,000 one--even when the latter project will save more money in the long run.

Furthermore, most dev. teams in such shops have huge backloads. It can take a year or more for "permission" to start coding. During this time, middle managers wanting more people, budget, training, power, or whatever are dueling with senior managers wanting the same and to hold down costs. This is especially true in large organizations where some fear the next re-org.

As a result, project estimates are frequently inflated, in terms of cost and development time. What seems like a simple 40-hour job may be estimated at taking six to nine months to complete. It sucks, but that's the way some companies work.

Now, imagine yourself in such a position. You're bidding this project at, say, six months of dedicated time by however many developers. And you're close to getting approval. It's taken three months of wrangling, but you're almost there.

Suddenly, this upstart no one's ever heard of (from Tech, of all places) comes along and shows a working version written in four days. At the very least, senior management is going to want to know why that was possible when your estimates were far longer. It's clear you need to discredit it and to do so in a way that will sound good to your budget minded, but non-technical superiors. So, you play the "security" card.

Now, I'm not saying that's what happened, but I have seen it done before. And, yes, I'm speaking from experience.

A number of years ago, I wrote a little program that would save countless hours and tens of thousands each year. I demoed it to the people that would be using it, generated some enthusiasm, made some fixes...and got abruptly shut down by a senior manager that was as technical as a fish in a locomotive.

Furthermore, I handled it badly. I blew up, made a lot of disparaging comments, and very carefully dissected the senior manager's skills and reputation. I felt smug in my moral and technical superiority. I also lost my job a few weeks later. It was called a "reduction in FTE's" in public, but my manager told me (off the record) that the manager I'd embarassed (his superior) had me fired.

Now, that was a long time ago and I spent a lot of time thinking about other ways I could have responded. My working theory is:

First and foremost, I should not have lost my temper. Period.
I should not have disparaged the senior manager--especially in public.
I should have accepted that there could be ways to improve it and asked the senior manager if he could spare some time to offer suggestions or to perhaps help find ways to "leverage" the "prototype" I'd written.
During that talk (assuming it took place), I should have asked how I could help him best achieve his goals and then listened very carefully.
I should have worked with my manager before publically demoing my work and gotten his input on how to deploy it most effectively.

I really hated losing that job. While it wasn't the best one I ever had and I did end up with a better one (in Silicon Valley, no less), I always felt I'd been, um, had....and only because I was trying to do the best thing for the organization and because I'd been honest. Furthermore, I was right. Yet, I was the one that got fired.

I think diplomacy is your best weapon at this point. Be tactful and try to co-opt the person(s) who shot your code down. Make darned sure you give people graceful ways out of an untenable situation...even if that means taking a little heat or giving them credit for "saving" your code. Do you deserve it? No. However, having your code actually deployed should help make up for it in the long run. It's probably not going to be easy, but gentle persistence should help.

On the other hand, you may need to simply let it go. Above all, be discrete and respectful--especially when dealing with managers and senior personnel.

In closing, here's a relevant quote (blacked out because some may find it offensive):

Unless you intend to kill him immediately thereafter, never kick a man in the balls. Not even symbolically. Or perhaps, especially not symbolically.
-- Robert A. Heinlein, Friday

--f

In reply to Re: Management that just doesn't understand by footpad
in thread Management that just doesn't understand by the_slycer

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.