System Security And System Administration Reminders For The New Year
System administration is a very complicated job, if not one of the most complicated in the world. People dealing with computers and networks for a living come with a of passion for technology, which no university degree can guarantee their students of gaining such a trait. Most of individuals in this sysadmin/IT profession are self-taught, passion-driven and self-motivated people. It is unfortunate that in some companies, they are not fully understood by both fellow employees (non-IT) and middle/top management. Many of them day-in and day-out strike a balance between the system’s effectiveness and productivity vs the cost of security.
A prerequisite guideline for applying corporate IT security concept is to understand that the five guiding principles of measurements: leadership, employee involvement, process improvement, and customer satisfaction form a systematic approach to managing the firm’s current IT Policies. All system components must be present for a successful outcome. Piecemeal application of the principles does not optimize the system. These principles are interrelated and interactive. The system of management integrates them under a comprehensive disciplined approach focused on improving network and system policies.
System and network stability, privacy and security are highly tied to how system administrators take their job. The easier the IT policies are accepted by the stakeholders, from the regular clerk to the board-of-directors, the less complicated the job of system administrators, the more secure the corporate network and systems. In view that 2019 is just around the corner, we share with you our ‘wishlist’ in how to deal with IT systems, system administration, and network management for the coming year:
1. Have a responsible BYOD (Bring Your Own Device) Policy.
There is no turning back, BYOD is here to stay and everyone in the organization should embrace it. For the very fact that everyone in the enterprise possesses a smartphone or any portable Internet-connected device. It is important for the enterprise to maintain a high level of security, while not prohibiting BYOD and this is an acceptable compromise. It is proven that when employees are comfortable with their tasks, their productivity increases and there is no other device more comfortable than one’s personal device.
2. Nobody should attempt to bypass security controls.
Security controls are there to track users, applications, and hardware in order to measure their effectiveness and productiveness. Bypassing this is not only irresponsible but can also be considered as criminal in nature in some territories. Everyone is expected to adhere with lawful orders of the employer towards its employees, while the latter being compensated for his/her services.
3. Think before clicking a link.
It is very easy to click a link on a website or in an email, that is why phishing has been a very successful exploit for decades. Users these days should be alert of all the website links offered to them, never turn-off critical thinking when dealing with offers to click something. It will not only save time but also will save cash for a company. Preventing the possibility of virus infection, getting phished or experiencing data breaches can be considered a huge saving for any company.
4. Never allow weak passwords.
In Active Directory, the password complexity requirement is an option to enable. Always choose to demand users to choose a complex password, no exemptions.
5. Never ignore the importance of encryption.
Hardware can easily be replaced, but data isn’t. Especially these days in the age of mobile computing, it is fairly common for laptops getting lost in airports for example. Such lost laptops are no longer news, it happens basically across tens of thousand airports in the world. The only saving grace to a lost electronic gadget is encryption; anyone taking a hold of an encrypted device cannot poke into the data stored on it.
6. Never sell old computers without scrubbing data.
Companies regularly replace corporate computers in a regular cycle. Usually every 3, 5, 7 or 10 years depending on the level of usage/wear-and-tear. It is fine to sell old computers to other entities, provided the hard drive is totally wiped, deleting all the saved data stored on it prior to the sale.
7. Never implement an open wi-fi network in the enterprise.
Companies should never have an open wi-fi network. WPA3 encryption has been recently been approved, new wifi routers will support this new standard. WPA2 encryption although older is still usable to a certain degree in the enterprise space, use it.