The SECRET WORLD of Greg Kisela

by Ted Noftall
5:34 PM
to Patrick, Hank
Pat and Hank,
Besides the obvious question of who gave Greg  the authority to be deciding what information will be given to  Corey or anyone else  in Port Orange  I want to express my concerns with the secrecy Greg  seems to relish in.
First of all he  disclosed the breach of  personal employee data in private conversations with Council .  That is a dangerous practice  because the people know nothing of what he  said period,  And  the individual members of Council know nothing of what he said to the other members.   For all any of us know he could have given 5 different versions of what went wrong as he  pandered to the passions of  the 5 Council members.
All we know for sure is that no council member made any public statements,  AND  that at least 2 leaked to various bloggers.
Now I understand well why the Manager preferred to handle this in secret. . He wanted to avoid embarrassment for himself, including having to explain why he just cannot seem to  see the employee incompetence and neglect  that is so obvious to the rest of us.
But what was in it for the people ?…… a big fat nothing.
There is another angle to this personal data breach, and that is it  could likely  have been avoided but for some previous secrecy of Greg.
When all the cherry picked forensic ‘examinations’ were being conducted earlier this year the portion dealing with the IT department was kept secret under an alleged exemption provided by   Fl Statute 281.301   Security systems;  records and meetings exempt from public access or disclosure.
Now the purpose of the secrecy that statute affords is to protect legitimate information that if made public could compromise the security systems protecting our City, County  and State infrastructure.  That statute has rightly concluded that disseminating information such as security access and monitoring  systems,  power and cable feeds,  redundancy protocols and the like  could potentially cause more harm than  good.
That statute  was not meant to shield a fundamental error made by the CPA firm friend of Greg  who conducted the IT review, and it  was not  meant to shield the stymied  and dysfunctional practices of the IT  departments personnel and the pitiful degree to which all City departments and especially IT interact with each other.
BTW so serious  is that dysfunction that the last two IT directors have resigned in protest citing mental anguish health concerns as the reason.  Parker elected to fill the first resignation and Greg has decided to just not fill the current vacancy with an computer professional  preferring to assign  a long time staffer to run that department  and who knows just about as much about computers as I do which is to how to turn them on and off.
Contractor error and employee dysfunction was  exactly the kind of information we were precluded from seeing in that blocked IT report.  Had we seen that report we might just have gleaned that the City was still sending out sensitive data via e-mail ….. a practice the rest of the modern world abandoned years ago.
For example the sensitive authorization information I need in connection with military moves my firm does is posted on a SDDC website and an e-mail is sent to the ip address of record ( ie my e-mail address )  containing a time sensitive one time use only  password.  If that website is accessed from the ip address to which the e-mail was sent and the password is used during the hours it is operational  the required data is available for my use.   This may sound complicated but to computer professionals it s easy enough to set up and administer.
If Port Orange had such a system,  where the personnel department posted the payroll data in question to a location IT had set-up on a server and IT had password-ed  access with the Actuary,   instead of sending out sensitive information to the first address that pops up when you start typing in an address bar no personal information would have been compromised.
Council was snookered in the IT department review blackout, they were snookered in the latest personnel data breach, and they are continually snookered in secret meetings with developers the Manager’s office specializes s in setting up.
If we learned anything from the Nixon administration in the early days of our professional  careers it is that secrecy is rarely designed to benefit the people.   It sure hasn’t benefited those pension plan employees who will have to continually check their accounts for identity theft for the rest of their lives.
Ted Noftall

 
see the below post for more info
http://52.11.120.211/nobody-work-hard-city-hall-even-hackers/