December 3, 2007

Trust Thy Administrator

Law #6 of Microsoft's 10 Immutable Laws of Security states that a computer is only as a secure as it's administrator is trustworthy. But how can you trust someone you know nothing about? Here are some things you should know about system administrators.

  1. We put the good of the company over the good of an individual. Yes, I know you hate that "stupid policy" that locks your computer after 15 minutes of idle time, and I know that you hate having to change your password every 90 days, but it really is for the good of the company. We need to make sure that the companies data is secure, otherwise both you and I are out of a job.

  2. We are tasked with keeping the security and integrity of data secure, and to be able to keep things secure, we need access to them. But just because I have access to every file on the network share, doesn't mean I look at any of it. You can rest assure that the only reason I have access to your files is to make sure you have access to your files.

  3. The same goes with email. Yes, as an administrator I can read every email that comes and goes. Why do I have the ability to do this? It is so I can help trouble shoot problems when people say they are not getting email, or when they say their recipients aren't getting them. I'd much rather have a special account that can access everyones email than you tell me your password so I can check your account if I need to. Having a single account (which is not my account) makes it so I can disable that account when not needed and has access to any account I need it to when I need it to. You can trust, that a good administrator is not just sifting through your emails looking for dirt on you.

  4. We need to prioritize: We understand that you think that what you need us to do is urgent, but sometimes it isn't. I typically have a pretty full plate, so I have to prioritize and sometimes you just aren't the top priority. This is how I prioritize my work load:

    • Top Priority: Effects a significant amount of people, or halts a mission critical operation
    • Urgent: Effects senior management(yes, some people are just more important), or a department which has the closet deadline.
    • Standard: You have work that needs to get done, but something isn't working right (email delayed, computer not connecting to the network, etc)
    • I'll Get to it Eventually: You want a new mouse because your old one isn't as nice as the new ones, you want a new monitor, you think your computer is running slower than normal, etc. It isn't that these requests aren't important, it's just that other requests are more important. So I need to take care of the bigger issues first. The good news is, if it is 3:30 in the afternoon and I just finished one of the bigger tasks, I probably don't want to start another one so I go and look at this list and see what I can resolve in the next 30 minutes or so, and chances are if its a request like this...I'll pick it.

  5. We like other things aside from computers: I love computers, and gadgets and all the cool technology I get to work with, and I like my job as well, but I also have a home life, and enjoy non-work related things like going to concerts, playing pool, seeing movies, hanging out with friends. So if you see me in the non-work environment, feel free to say hello, but I would much rather prefer you don't as "so...when is my email going to be fixed?" Also, try not to look so shocked when you see me at a punk show smashing into people in a mosh pit...I need to get rid of some of the stress too.

    True Story: I was at the store with my girlfriend and we were grocery shopping. Out of no where a lady comes up and says "hey, when you get a chance can you look into randomProblem?" I look at her confused and say "I'm sorry, what?" She went on to explain the problem again. I realize she in an employee that works for the same company as me and she recognizes me from seeing me around their office previously. I ask her to submit a trouble ticket for the problem like they have instructed to do so, and she has the nerve to say "why I just told you the problem?" It went down hill from that point. I let her know that we were in a grocery store and if she wanted her issue addressed she would submit a trouble ticket and that I was going to walk away now and forget we had this conversation. As we walked away and my girlfriend asks "are they all like that?" I replied "No, but the ones who are make the rest look real bad"

  6. We want you to succeed: Really, we do. In the corporate world, IT is a support group. Unless we are working for an IT company, we aren't the money makers and the only way we can justify our existence is by making your jobs easier and increase your performance. I am happy when a department makes their deadlines and no one has any trouble with the equipment we maintain. I like being able to get you the software you need to give a kick ass presentation and close a huge deal. Technology is a tool, I'll do my best to make sure the best of that tool is available to you.

  7. We aren't out to get you: Getting people in trouble is extra work. If someone makes a mistake, we need to fix it whether they get in trouble or not, and whether it's their fault or not. So unless you are a total ass (and I mean huge) or what you did was intentional(which puts you in the "huge ass" category), I really have no drive to get you in trouble for it. It's easier for me to say "sorry...computer glitch" than it is to explain how you made a mistake, how I had to fix it, and the possibly explain it over and over again it is that will pretend to care and get you in trouble. I can also cause doubt if you are being blamed for something. It's easy for me to say "well...a virus could have caused that" or to look the other way at minor infractions of policy (again, if I rat on you, it means I need to do a full investigation and then write a report on it...blech)

  8. We will keep you in the loop: We don't have anything to hide, and the more you know about what we are doing, the easier it is for us to do it. Want to know why we decided to put a particular security policy in place, Ill tell you. Want to know when we will be doing system maintenance check you email...I send out messages so you can plan around them. Of course, there are somethings I can't tell you, and it's mostly because I don't know. For instance, if you ask me when you are getting a new computer, my answer will probably "ask your manager" because I have no idea when your manager will want to spend money to get you a new computer.
So there you have it. A good admin will do a lot of the above. These are the things I do, because these are what my administrators did and this is how I was taught to do my job. Get to know your administrator, they are usually good people, and for the most part, you will be able to trust them. And if you happen to come across a bad admin, don't hold it against the rest of us.

Bookmark this post:
StumpleUpon DiggIt! Del.icio.us Yahoo Technorati Reddit Google