Attention sysadmins! Here’s how to dodge bullets in a post-Ashley Madison world

You've no time to get lazy

69 Reg comments Got Tips?

3. Keep your private life private

On the non-technical side there are many pitfalls for the administrator when using company provided equipment. Keeping home and work separate is important. An administrator has to be seen to be beyond reproach, especially if working at another company’s site or being a contractor.

This means things like paying your credit card bill or doing some other non-work related item should be avoided. People can and do use company IT to access their email.

What they tend to forget, however, is when you joined the company you more than likely signed a contract that effectively stated that the company reserves the right to monitor any and all usage of their infrastructure. I know most people know this already, but you would be amazed at what you get when you trawl through the logs of even the most modestly-sized company.

At one company where I worked, the IT department general inbox received a nasty gram from the Motion Picture Association of America after users had been stupid enough to run torrents on a an ADSL connection paid for by work. If I need to tell you why this is weird, you’re in the wrong job.

4. Personal email and web browsing – a petri dish of liability

People's work-related emails may well be clean and clear of malware, but personal accounts are not always as clean. Frequently, users have been spearfished on personal accounts and it has led to business systems being exploited.

Keeping clear of personal browsing and email at work is a habit to be encouraged. Do you want to be the one that causes that outage, data loss and expense to the company, or even worse, the client? Just about every techie has a smart phone so it is easy enough to check your email or respond to a query without opening yourself to “oh-oh” moments when you open an attachment that you shouldn’t have on business owned IT.

Recently, at a company I work with, a relatively junior clerk had opened a personal email that they shouldn’t and got CryptoLockered. This was a Friday afternoon. This meant the ransomware had all weekend to work on encrypting the contents of everything it could attach to.

The end result was a clean-up and restore from backup. The company as a result banned personal email. An administrator that is compromised has a massively amplified effect if you consider how much content they have access to.

5. The network is theirs, not yours

This may seem incredibly obvious, but a lot of sysadmins, particularly those in SMEs, where one person is the entirety of the IT team, can get a bit precious over the infrastructure.

It becomes a labour of love, and when that love is removed it can get rather darn nasty, à la Terry Childs. The network, the hardware, the servers; they belong to the company and the administrator is paid to look after the resources.

If the CTO wants the root password, that’s fine. Just make sure it is documented and witnessed, if possible. On the subject of documentation, also make sure yours is up to date.

I know as a group we system administrators all see it as perhaps not that important in the grand scale of things. Got stuff to fix, documentation can wait! What if something happens and you never return for whatever reason, and some poor sod has to pick up the pieces?

There are lots of things admins know they shouldn’t do but end up giving in to temptation, or perhaps a bit of naivety, or pressure from above.

Lessons learnt the hard way are not often forgotten. It is, however, better to not have to learn them in the first place. ®


Biting the hand that feeds IT © 1998–2020