This company outsources its data center hosting, which really doesn't mean much difference for a systems manager pilot fish. "The vendor had the data center on-site," fish says. "When we had to do updates or debug problems with this one particular purchased software package, someone from the hosting vendor would accompany us into the server room, log onto the server with an admin log-in and let us do our thing."

But then the company changes vendors -- and now the data center is hundreds of miles away. "They had no familiarity with this software package," says fish, "They gave us admin IDs so we could log on remotely to the servers set up specifically for that software and do the work ourselves."

Fast-forward two months: A data security guy at the vendor notices the admin IDs. He knows nothing about the arrangement. He tries to contact someone in security at fish's home office, but that person ignores his e-mails and messages.

Since he can't figure out who the admin IDs belong to, vendor security guy revokes the access on two of the three servers.

"One more month goes by," fish says. "I get an e-mail that one of those servers is dangerously close to crashing with a full disk. I try to log on to see what's happening. I can't. I try to attach to the drives. I can't.