Lead Image © Maxim Kazmin, 123RF.com

Lead Image © Maxim Kazmin, 123RF.com

Chronicles

Welcome

Article from ADMIN 63/2021
By
A new trajectory for system administrators: Security and documentation

Security is everyone's problem but, as a sys admin, you will take the blame should something go wrong with security on your systems or any device within your jurisdiction. My purpose in telling you this isn't to bum you out about your job but to inform you to be proactive in your security measures, follow industry best practices, follow your company's security policy guidelines (if you have any), and, most importantly, document your work. Be sure that someone knows that you did configure those host-based firewalls; you did use enforcing mode in SELinux; you did enforce complex passwords or, better still, set up two-factor authentication and Active Directory integration; you did secure the SSH daemon; and you did limit connectivity to a few systems.

Make better system security your number one priority. It is the most important aspect of your job as a system administrator. I know it seems like I'm harping on the subject, but seriously, it bears repeating – a lot. Why? It's the same discussion (in theory) as talking about the importance of backups: Everyone knows about the importance of backups; everyone is tired of hearing about backups; but if everyone is so up-to-speed on backups, why do they still fail and require yet another conversation?

Backups, by the way, are also a security measure. I hope you knew that. If you ever become the victim of a ransomware attack, you'll appreciate a good backup.

Sure, everyone knows that everyone is responsible for security, but you, ultimately, are the responsible party. And not just for the servers. You're also probably responsible for desktop, mobile device, wireless access point, and web security. Your main purpose in your sys admin role is to ensure security for yourself, your users, your management, and your infrastructure. No wonder many system administrators get a reputation as being ogres or worse. The buck stops with you, and yet all too often your hands are tied by what I call "the corporate sillies." Corporate sillies are phrases that emanate from well-meaning but dreadfully uninformed managers who claim that they're the exception to whatever security rules are in place.

When a manager tells you that their workstation can't be included in regular updates that require reboots because they like to keep a dozen spreadsheets open and it will take too long to reopen them all – that is a fine example of a corporate silly. But who will that manager run to as soon as their workstation gets cryptolockered or damaged by a fully patchable vulnerability? If you guessed yourself, give yourself a big pat on the back.

This is exactly why you must document every security measure that you implement, why you implemented it, and the repercussions of non-compliance. Also note any exceptions that you're forced to allow, such as the one described above. Some people just can't be bothered to do what's right, although it's your responsibility to be sure they do. That sounds a lot like a classic catch-22 situation. Although, I never read the book or saw the movie, I've heard enough examples and references to feel comfortable with using the reference here.

My suggestion to you is to sign up for some security classes, even if you have to pay for them yourself. Earn some security certifications to back up your disdain with current security policy or lack thereof. I know that system administrators hate to write things down, but you must force yourself to do so. Keep a text file open on your desktop for your notes, fixes, accomplishments, implementations, deployments, and so on. You'll be glad you did. Referring to this documentation might be your only defense should things go awry.

Finally, be sure that you have a good backup of your notes or even multiple copies of them. After all, you wouldn't want to have to explain that you had some great notes that outlined your master security manifesto, but they were lost because they weren't backed up, were stolen by malicious intruders, or were eaten by your dog.

Ken Hess * ADMIN Senior Editor

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Security is Everyone's Problem
    I attended a security seminar a few weeks ago, and one of the slides read, "Security is not an IT problem." I laughed when I saw it and gave a smirk to our Security Manager at my new job.
  • How to back up in the cloud
    In cloud computing practice, backups are important in several ways: Customers want to secure their data, and vendors want to secure the essential details of their platforms. Rescue yourself, if you can.
  • The Fine Art of Relationship Maintenance
    We want to be secure. We don't like security. We want system administrators, but yet we are irritated when they need to fix something or to implement security. Complicated isn't it?
  • Arm yourself against cloud attacks
    We present approaches and solutions for protecting yourself against attacks in the cloud.
  • Of Earthworms and System Administrators
    I'm fascinated by the stories of disasters and near disasters related to me by my IT peers, especially those involving backups – or the lack of backups, as is so often the case.
comments powered by Disqus