Fail-Friday: Two real IT fails that can happen to anyone

Welcome to our Fail-Friday! Every second Friday of the month, we share anonymized little mishaps from everyday IT life—served with a wink and a clear lesson learned. The goal: get better together, no finger-pointing.

Fail #1: “Share… but only the right window”

What happened:
A browser tab was supposed to be shown in a client meeting. Instead, full desktop sharing went live—complete with private messenger pop-ups and internal file names. Not a disaster, but awkward.

Why it happened:
Meeting rush, default set to “share entire screen,” notifications not silenced, no “clean” meeting view prepared.

Lesson learned (short & practical):

• Always share a specific window/tab instead of the entire screen.
• Enable Do Not Disturb (Windows: Focus Assist, macOS: Focus).
• Before meetings: tidy the desktop, close sensitive files/folders.
• Use a dedicated browser profile for meetings (no private bookmarks/extensions).

5-minute check:

• Notifications: off.
• Sharing: window/tab only.
• Audio source: correct?
• Background: non-sensitive?

Fail #2: “The private hotspot that bypassed the firewall”

What happened:
The office Wi-Fi was briefly limited. A colleague quickly set up a private smartphone hotspot. Result: one device went online outside compliance policies; web filtering & logging didn’t apply.

Why it happened:
Good intentions, but clear shadow IT. There were no “If Wi-Fi is down, then…” rules and no captive-portal guidance. Not malicious—just missing guardrails.

Lesson learned (short & practical):

• Communicate policy clearly: “No private hotspot for work devices”—and state the approved alternatives.
• Enable NAC/port security: block or quarantine unknown/forbidden connections.
• Document the fallback: What to do during Wi-Fi issues? (e.g., guest SSID with captive portal, temporarily monitored LAN port).
• Enforce device-based DNS/web filtering (agent or always-on proxy) so protection applies outside the corporate network too.

5-minute check:

• “No-hotspot” rule known & easy to find?
• Guest/backup SSID documented?
• NAC/agent active on clients?
• Monitoring: alert on policy violation?

Mini checklist for the week

• Meetings: Set sharing default to “window/tab,” add a Do Not Disturb shortcut.
• Awareness: Post a 60-second “Share it right” reminder in the team chat.
• Policies: Pin “No private hotspot” + fallback plan in intranet/chat.
• Security: Verify email security & DNS filtering—do protections also apply outside the office?

Note on privacy & respect

• All stories are anonymized with no way to identify people, companies, or projects.
• No personal data, no trade secrets, no customer details.
• The goal is learning, not blaming. We only share what helps—friendly, practical, safe.

Takeaway: Small fails happen—the question is what we do with them. With clear mini-rules, lean policies, and a dash of humor, they become quick wins for everyday security.