When Your Manager’s Security Paranoia Backfires: An Epic Tale of Malicious Compliance in IT
There are few things in corporate IT as eternal as the “Who needs access to what?” debate. If you’ve ever worked in IT (or just tried to explain your job to someone who thinks “the cloud” is literal weather), you know the pain. But what happens when a manager’s quest for security and control goes so far off the rails that he locks himself out? Reddit user u/lilbea has lived to tell the tale—and, oh, what a tale it is.
This is the story of a manager who wanted absolute security and control…but didn’t want to do any of the actual work. The result is a masterclass in malicious compliance, and it’s as entertaining as it is instructive. Grab your popcorn.
It Starts Innocently Enough…
Our hero works in IT for a big company and manages a portal with about 100 users. One day, the manager decides it’s time for a “user access cleanse.” The instructions? Remove anyone who doesn’t need access. Easy! Our trusty IT pro trims the list to a lean, mean 30 users. Everyone’s happy, right? Well, not for long.
A few weeks later, the manager decides 30 is still too many. Now he wants a full spreadsheet—names, teams, reporting structure, frequency of portal use. Annoying, but doable. The list is handed over. The manager, predictably, is now confused and angry that there are people on it he doesn’t recognize (in a company of thousands—shocking!). His solution: “Just delete everyone I don’t know.”
You can probably guess where this is going.
Chaos at 3am: “Why Is Everything Down?!”
Obeying orders, our IT hero deletes all unrecognized names. Overnight, chaos erupts. The global company grinds to a halt as critical users lose access. The IT guy’s inbox explodes. Does he leap out of bed to fix it? Nope. “I don’t get paid to work at 3am.”
By morning, the manager is livid. Why did all these people lose access? Why is the system down? “Because you told me to delete them,” comes the answer. Now, the manager wants everyone back in. No problem—just undo all your own previous demands, right?
But wait, there’s more! Security paranoia lingers. The manager is still unhappy. He wants to review the list again, now with even stricter criteria: Only users who access the portal daily as part of their core job should be allowed. Anyone new must fill out a form. The IT guy complies—again.
The Ultimate Payoff: When Malicious Compliance Locks Out the Boss
A few weeks later, the inevitable happens:
Manager: “I think something’s wrong with the system. I can’t log in anymore.” IT: “Nope, it’s working just fine.” Manager: “Then why can’t I log in?” IT: “I removed all users who don’t use it daily as part of their core job.” (Quoting the manager’s own words.) Manager: “Add me back.” IT: Slides over the access form the manager mandated.
The cherry on top? Weeks later, the manager still hasn’t filled out the form, and he still doesn’t have access. But—miraculously—they’re somehow on good terms now. Maybe misery truly does love company.
Why This Story Resonates (And What We Can Learn)
This is the kind of tale that’s instantly relatable to anyone who’s ever worked in tech or had to enforce (or suffer under) arbitrary corporate rules. It’s a perfect example of what happens when management gets obsessed with control and security theater, but doesn’t want to actually do the legwork or understand the systems they’re “securing.”
Some takeaways: - Malicious compliance is a powerful tool—sometimes the only way to educate a micromanaging boss is to let their own logic play out. - IT pros are often the unsung heroes, quietly keeping the company from descending into chaos (even if it means watching it burn for a night, per instructions). - If you make a rule, be prepared to live by it—especially if your IT team is as sharp as this Redditor.
Conclusion: Have You Survived Similar Corporate Shenanigans?
If you’ve ever been caught in a loop of contradictory demands from a boss, you know the satisfaction of a perfectly executed malicious compliance. Have a story of your own? Share it in the comments below! And if you’re a manager reading this—maybe listen to your IT people next time. Your logins (and your sanity) may depend on it.
Want more tales of corporate absurdity and IT heroics? Subscribe for updates and join the conversation. And remember: Be careful what you wish for—especially in writing!
Original Reddit Post: Want me to clean up users on the portal? Done, you’re deleted.