This is an anonymous post sent in by a member who does not want their name disclosed. Please be thoughtful with your responses, as these are usually tough posts to write. Email sloan@dev.to if you'd like to leave an anonymous comment or if you want to ask your own anonymous question.

How do I flag a coworker who doesn’t have good security practices to management in a way that doesn’t get them fired? I’ve mentioned this to them directly before and I still see them putting our security at risk on a regular basis (poor logging practices, insecure storage, etc). It's wild to me that they don't see the way they handle security as an issue, but they're a more senior team member than me, and I don't know how to go about it without reaping my own consequences.