MODULE FOUR CASE ASSIGNMENT
5 June 2011
Why do companies find it necessary to distinguish between network administration and systems administration?
The first line of defense for almost every organization is typically the system administrator. This is the person that actively interacts with the company network on a daily basis, and by extension has intimate knowledge of it. So it stands to reason that this person would hopefully be the first to notice any signs of possible compromise would it not? Sadly that is often not the case. Whether it is due to a lack of IT Training, complacency, or laziness is anyone’s guess.
Several of the company networks that I have been involved with have the same story. All of them have been compromised by exploits, which have been out in the wild for some time. In other words a patch for the exploit has been released and is available. Why then did the system administrator not go out and download then install this patch? Surely it cannot be ignorance? A system administrator is a knowledgeable person who has specialized knowledge. If they can successfully administer a large LAN composed of hundreds of users and a dozen servers what is the issue then?
I’m too busy!
One possible issue is that the administrator is simply too busy. Though as I am sure they will admit it is easier to simply go to the vendor site and get the patch then it is to rebuild an entire machine. This is especially so if it is one of your critical servers. That also begs the question of: does the sys admin regularly check that the backups actually work? Should the worst happen and you are compromised does your backup actually have what it is supposed to have? Nothing is worse then finding out your backup plan actually doesn’t work. Rather imperative I would think that you would need to verify the integrity of your restoration media. Few and far between are the admins that actually do check their backups in my experience. An unacceptable
Bibliography: Parker, DP. (2005, July 21). System adminstrator friend or foe. Retrieved from http://www.windowsecurity.com/articles/Sys-Admin-Friend-Foe.html Wikipedia. (2011, May 27). Network administrator. Retrieved from http://en.wikipedia.org/wiki/Network_administrator