I really appreciate this piece. The “knowledge hoarder” problem is real and can be really hard to identify. It’s usually just someone who’s been around long enough to become indispensable, or who believes that being the keeper of indispensable knowledge brings them job security. It can look like they are a stellar employee but that’s exactly the danger. From a management/leadership perspective, I identify this as “Predictability over Heroics”. If your business depends on one heroic person (ex: a knowledge hoarder) who knows everything, you don’t have resilience, as you pointed out. You have a single point of failure, potentially a really big single point of failure. And the smaller the company, the more existential that risk becomes usually because the leadership themselves become that point of failure. This is a great article that reminds us that continuity planning isn’t just about servers and backups, it’s about building teams and systems that can survive the loss of any one person (or more!).
That's a sign to cross train and to have them start to develop SOPs and other documentation to train/cross-train more junior resources.
If they have been around that long, they are also likely due for some kind of promotion, whether your business can support it or not, and sometimes it might be better to help them grow it to that next role, knowing that they might leave, but that they will do so with the care and consideration you gave them.
The opposite can be true, with the lack of trust and loyalty in employers today, being prepared for a fast transition and a fast onboarding of a replacement is also something that must be considered.
Brilliantly articulated framework for something most SMBs never consider until it's too late. The QuadrigaCX case study hits especially hard because it exposes how our obsession with security (encryption, cold wallets, immutable backups) can paradoxically create fragility when paired with single-person knowledge silos. Your MFA lockout scenario is the perfect 2025 update to the classic bus factor problem, most DR plans still assume credentials are the main barrier when in reality the second factor bound to a deceased employee's personal device is often the real killswitch. The physical YubiKey in the fireproof safe is tactical gold, it sidesteps both the personal device dependency and the trust issue inherent in shared authenticator apps. What strikes me is how this isn't just about Active Directory or technical continuity but organizational design.
Thank you very much. Modeling from life lets you see what could really happen, not just in theory.