Ask HN: I became interim CTO and want to avoid dumb fuck-ops
Throwaway account
---
Context: small start-up, 3 devs. Company size 10-20.
My boss burned out and has departed which has made me effectively the interim CTO. Let's call him Hephaestus[1]. I am more of what you'd consider an enlightened individual contributor and in am in some part finding myself out of my depth.
When it rains, it pours. As our previous CTO took his leave our PM - who is fantastic - went on maternity leave. We have a new one but doesn't fill her shoes. Other than myself and the non-technical CEO the rest of the organization hasn't really been around long enough to help share carrying the weight yet - they are getting there! I have one other dev who is fantastic and the other one was hired under the premise of being my old CTOs shadow - he was signed before the contract. Unfortunately, experience has shown he is wet behind the ears and I find myself having to pick up the slack not only when it comes to what he can contribute as a dev - he is intermediate at best. Let's call him Koalemos [2].
*The good:* We are managing to stay on top of our work - we've found a way to organize our backlog that gels well with everyone and so the project is progressing nicely.
*The bad:* Where I am finding myself out of my depth is with... let's call it admin? When my CTO left Koalemos was in charge of off-boarding Hephaestus and I think that was done poorly.
Hephaestus is a close personal friend of mine but for the first few months after he left it wasn't even possible to have a conversation with him - he was not coherent and would repeat the same story many times over and over again within the same hour. He's better now, at least coherent and verbal but I try to not talk to him too much about work stuff so he can recover in peace.
One time we did speak after some... pains had happened at work he said he had instructed Koalemos to:
1. Never de-activate a Google workspace admin account, and 1.1. instead sign them out of all devices 1.2. remove 2FA for that account 1.3. set a password for that account.
Instead Koalemos did de-activate Hephaestus's account and instead redirected all of Hephaestus's emails to his own inbox.
That's one of more than one things that Koalemos has done that he were allegedly instructed to _not_ do.
Are there any general rules of thumb for not only Google accounts but other accounts that I can apply to avoid these fuck-ops moving forward?
Like, if I had to off-board Koalemos myself, what should I do?
My experience is more in the lines of cleaning up `authorized_ssh_keys` and Shamir key rotation. This is... not the same.
---
[1] Hephaestus is the Greek god of burnout: https://paleothea.com/gods-and-goddesses/hephaestus-god-of-burnout/ [2] Koalemos is the personification of stupidity https://en.wikipedia.org/wiki/Koalemos#:~:text=In%20Greek%20mythology%2C%20Koalemos%20(Ancient,in%20Parallel%20Lives%20by%20Plutarch.
> Koalemos has done what he was allegedly instructed to _not_ do Instructed by a person that is leaving the company? I'm not surprised Koalemos did it their way. Unless there was a really strong reason about not doing it, why that person cannot do the job their way?
>redirected all of Hephaestus's emails to his own inbox What's bad about it? It's actually god that somebody will be receiving the emails after Hephaestus's departure from the company, its a standard practice when a vital member of the team is leaving.
> Who is the CTO now, you or Koalemos? Technically - neither. He's "Head of tech" but people have started skirting him and going to me directly instead because he always says he doesn't know and has to talk to me on essentially every topic.
> I'm not surprised Koalemos did it their way. Unless there was a really strong reason about not doing it, why that person cannot do the job their way? From my understanding because it did exactly what Hephaestus foresaw - things breaking.
> What's bad about it? Another option could have been to reset the password for the old CTO and then occasionally check their inbox.