The System Admin
Today’s System Administrators are some of the most well trained and underpaid IT personnel, but also some of the weakest links in the chain in terms of security. In this issue I will discuss some of the flaws that many administrators have. That is not to say that they are incompetent, but that so much is required of them that much of the time unless they too are monitored then security gets put on the back burner and like all things in the IT industry keeping the systems up and running comes first.
System Administrators (SA) are at times required to know more than one brand of Operating System, and not just know it but truly be an expert. They are the subject matter expert on all things server and even at times the desktop environment. A lucky SA will only be required to know one companies OS, whether it is Microsoft, Apple, or Linux. However, more and more these days your SA is required to know at least two of those with the added complexity of a Citrix or VM environment, plus trying to keep up with all of the policies that your IT Security personnel are pushing out. The reason your SA is a weakness a lot of the time is because much of their job becomes automated through scripts, or other means without much chance to actually look at logs. If an alert isn’t pushed out by their choice of program then to them everything is good to go. Not only that but as security doesn’t come to the forefront of their mind, too often they use the same passwords on many of the systems and usually what they use at work is also used at home. Though, they should know better it becomes more and more cumbersome to remember the password you use for your bank, your social network, your office, and anything else that requires a password. I tell people all the time the importance of password complexity and using different passwords for different sites as well as changing them every so many months.
The only way we can fix the issues with SAs is to augment them with proper security personnel. Make sure that logs are getting monitored. Verify that password complexity is in place so that the requirements are being met for at least 15 character passwords with at minimum two uppercase, two lowercase, two numbers, and two special characters. SAs are not paid to be the security expert, they are paid to keep systems up. If services go down it is the SA that will be in trouble. Companies need to recognize this weakness and realize it is not the fault of the SA but when you are insistent on doing more with less, you need to make sure you pay for security experts to validate and make sure your network stays secure and limit the chances of down time.