Sys admin gets record sentence for server sabotage plot
It’s not often we see malevolent, movie-type plots played out in IT departments, so check this out: Reuters reported that a computer systems administrator was sentenced to 30 months in prison Jan. 8 for trying to sabotage his company’s servers out of fear he was about to lose his job — the longest ever federal prison term for a criminal attempt to damage a computer system.
The former sysadmin was also ordered to pay $81,200 in restitution to his former employer, pharmacy benefit manager Medco Health Solutions Inc.
According to a report from the U.S. Department of Justice, Medco administered prescription benefit plans and maintained customer healthcare information on databases using an HP-Unix computer system comprised of approximately 70 servers. The servers also included corporate financials, pharmacy maintenance tracking, web and pharmacy statistics reporting, and the employee payroll input.
As a system administrator, Lin had access to the Medco servers to perform maintenance and run applications.

The 51-year-old Unix pro admitted he modified computer codes and added code to create a “logic bomb” designed to wipe out servers on Medco’s network in October 2003, reports said.
At the time, Medco was restructuring and Lin reportedly feared he might be affected by layoffs.
A vindictive Lin modified and inserted code into pre-existing scripts on the Medco servers designed to delete nearly all of the information on those servers. The “Destructive Code” was designed to delete information including databases identifying subscribers, plan coverage, prescription administration, and billing data on his birthday, April 23, 2004.
On October 6, 2003, Medco laid off four system administrators in the Unix group, but — get this — Lin was not one of them.
But he didn’t let a little good news get in the way of his plot. He left it in place, but the code failed to deploy as planned, so he edited it to go off on his birthday the following year, 2005.
Lucky for Medco, the unauthorized code was discovered by another computer administrator in January 2005.
All joking aside, this is really disturbing, not only because Lin took advantage of his power, but because clearly he didn’t consider all of Medco’s patients whose prescription information would be lost, and the potential harm he was doing not only to “the corporate machine” but to actual people.
Reports show that employee misconduct and unintentional actions like errors and omissions are the greatest cause of data security breaches, so I hope companies like Medco do some serious screenings for criminal minds before hiring people who will have access to our personal data.