WEBINAR: Live Event Date: September 20, 2017 @ 1:00 p.m. ET / 10:00 a.m. PT
Designing a Proactive Approach to Information Security with Cyber Threat Hunting REGISTER >
Ask any administrator and he will spin a good yarn about destructive users, clueless bosses and IT departments at each other's throats. Keeping a network up and running these days is more like fighting a small war.
While admins are generally equipped to battle the forces that threaten their networks, they may find that end users are not too keen on getting drafted for duty.
So where exactly does an admin's responsibility over a network's well-being end and a user's begin?
It's a complicated issue with arguments on every end of the spectrum. Some IT workers prefer to lock everything down, even if it earns them the scorn of savvier users.
Still others want employees to share in the responsibility by using some common sense, sticking to mandated policies and taking the time to learn a thing or two about the systems that play host to their spreadsheets and the occasional game of Solitaire.
Visit this week's spotlight thread to gather tips, read some horror stories, and even discover a different (and mildly insulting) meaning for I/O error. Shame on you!
Note: The opinions expressed below are solely those of the individual posters on the AntiOnline forums.
Direct link to this week's spotlight thread:
Tiger Shark kicks things off by revisiting a hotly debated topic in another (closed) thread.
The most basic principle of computer security is that if it isn't Explicitly Denied then, ergo, it is Implicitly Allowed. Therefore, any administrator who allows anything to occur on his network that he didn't want to have happen has no one to blame but himself.MrCoffee disagrees and adds this perspective:
We as admins, walk into new jobs everyday, and find a wild mix of OS's, hardware, and software, that have been tacked onto our networks since long before we ever worked at a location. I have been at my current job 18 months, and I am slowly but surely getting everything locked down.When things head south, many administrators find that they are like magnets for blame. dinowuff says...
Case in point:
About a month ago, I had a major database app to upgrade on my apps server, requiring the server be accessible, BUT the app could not be used during the upgrade period. At each tracking station I unplugged the workstation, unplugged the NIC from the network, posted a 8" x 11" sign saying the app was down and not to try and access the tracking app. As I was running the update, a user reconnected the machine, removed the sign and proceeded to log in and crash the update, resulting in a day of restore and rebuild time.
Everything is the admin's fault. After requesting another 60amps and a new UPS in one of my server rooms - Company purchased another AS/400, I was told that the cost was not justified. When the newly installed 400 brought total power usage to 59.9 amps, the UPS blew up and all servers were "Off Line" The reason this was my fault: I knew exactly what was going to happen and did not prevent it.Infighting and politics are staples of many workplaces. Here's how admins like MrCoffee cope.
When you cannot solve a problem technically, you must resort to administrative solutions. But those too will fail, if you 1) do not have the management, or administrative authority to take actions or to enforce policy, and 2) if those who do have the authority choose not to use it, or will not take action to prevent the problems (i.e. not allowing my to secure the IAD).How do you thwart insider threats? Discuss your experiences here.
For me, I stop taking the blame when people openly disregard the instructions, policy, and proposals I have given. I had to beg and plead for several months with the management here, to replace an aging and flaky backup drive on our accounting network, and I was turned down until the server's hard disk died and they lost several weeks worth of work.
Then and only then was I allowed to install a new drive. Stupid, yes, but since there never had been a problem with that server, why worry about it?
What is AntiOnline?
AntiOnline (AO) is home to many of the most popular network security discussion forums online. Here, participants engage in candid, thought-provoking and enlightening exchanges on the latest hazards and how to protect your systems against them.
We invite you to join the AO community (it's free!), share your wisdom and learn a few things in the process.