Over the holidays, a close friend shared a very difficult situation with me. One of the members of his company found a way to hold his company’s IP hostage in return for additional compensation. It started with this nefarious individual asking for administrative access of the company servers for some changes that needed to be made. An innocent enough request in a small startup. Things went very wrong when he logged into all of the access accounts and changed the passwords. He then phoned my friend and threatened to leave (with the company IP) if he was not granted additional stock. This was a few months after he committed to staying after he received a large allocation of stock options.
This is where my friend found himself with a very difficult decision. He was forced to ask himself two very difficult questions…
Do I give him more stock? or Do I fight him and deplete the company’s scarce capital?
My friend decided to give in and provide the options. The consensus at the time was that the risk was too great for the company and the employee could be managed (even after his transgression).
My friend was wrong. Two months after receiving the new options (and burdening everyone with a great deal of drama), he left anyway and tried again to hold the company hostage.
I was very glad he shared this with me and empathized with his situation. I think that most people who work in hi-tech can identify with someone who had to deal with an aspiring Darth Vader.
This is what I have learned from my own experience.
First, you should never put yourself or your company in a position where it can be held hostage. If you are in that position, you have already lost more than you are likely to understand. One of the most common mistakes people make is not putting into place some simple safeguards to protect the company.
Second, if someone attempts to hold your company hostage, you should remove that person regardless of the costs. In the heat of the situation, it is hard to understand that companies can be reincarnated with some creativity and very little financial costs.
Third, once you negotiate with a terrorist, you will always be negotiating with terrorists. People are conditioned by their experiences. Once you give in to someone’s poor behavior, you are letting them know on some fundamental level that what they did is OK. The behavior will likely continue or even get worse. In the case I mentioned above, it got progressively worse and ultimately drove some good people out of the company.
Fourth, get your board and your personal advisors involved at an early stage. Many people look at this sort of problem as something they should be able to handle on their own and try to keep from others. This is almost always a mistake. As it turned out, many of the people whom were advising my friend had dealt with similar situations and could have provided him with insight as to what his options were and how to best handle this sort of situation at an earlier stage than he did.
Here is how you can identify the problem before it starts…
Corporate “Darth Vader”(s) do not always look the part. Often, they are capable people who feel that they have not been fairly compensated. Regardless of their motivation however, here are a couple of ways that you can identify them.
1) They often compare their value to others in the company and highlight that they are the only people who can make the company successful. Everyone else in their view is expendable.
2) They often insist on absolute control of their area. If they are an engineering lead, they will insist that all communications go through them and nobody else.
3) They will try to assassinate people who threaten their authority by delivering ultimatums to remove these people or by shutting off help to the people they do not like so that their perceived competition will fail.
4) They blame others for their failures. If they are late on their deliverables or are going to miss their deadlines, it is someone else’s fault.
5) They hold back critical information about their work to gain additional leverage or control.
6) They do not “train” their team members for leadership roles. Why should they? It is not necessary if they intend to make all of the decisions.
This is how you prevent the problem from ever starting.
The most concise answer I have is hire good people, and treat them with respect, but put reasonable safeguards in place that are difficult to circumvent. For those Reaganites out there, the operative phrase is “Trust but verify”.
Here are five easy steps I always follow.
First, every employee (or contractor) of the company should sign an IP Agreement. This agreement stipulates that whatever IP that is developed for the company stays with the company and cannot be removed without the express permission of senior management or the board. This protects one of the two key assets of the company.
Second, all employees (or contractors) should sign an agreement saying that they are not allowed to poach employees of the company. Often when people leave a company under less than ideal circumstances, they will try to “help” other employees to leave. This protects the other key assets of the company.
Third, administrative control should be maintained by at least 2 key people at all times. This means that if the administrative interface is accessed, the ability to modify access should be based on an authentication that the CEO holds but his key people can utilize.
Fourth, all IP should be automatically backed up to a system that only the CEO and the board can access. As with the first measure, this protects your intellectual property.
Finally, the greatest asset of any organization is its people. You must always maintain the viability of an operational team for the company. This means cultivating back-up options for critical roles in the company to reduce risk. It also means that you have to protect your people when you have a less-than-honorable person in your midst.
Where people are concerned, there are always complications. Looking back on my experience (and that of my friend), there were plenty of warning signs and opportunities to prevent this type of situation from occurring. What hinders you here is faith that people will always do what is right. That is simply not the case. Most will, but some simply do not live by a moral compass or will justify their extreme behavior with their view of what they deserve.
An ominous first article for the year but an important topic nonetheless. Don’t give in to the Dark Side. :)