AgTalk Home
AgTalk Home
Search Forums | Classifieds (95) | Skins | Language
You are logged in as a guest. ( logon | register )

Cyber security?
View previous thread :: View next thread
   Forums List -> Computer TalkMessage format
 
golfnut
Posted 8/22/2014 14:48 (#4032357 - in reply to #4031206)
Subject: RE: Cyber security?



Central Nebraska

I like these debates!  They make us think about best practices and hopefully not sound like hypocrites in the process.  I guess the point I'm trying to make is that security is simply risk management.  A network administrator should try to minimize the exposure their system has by either eliminating (minimizing) points of entry and making the required points of entry hard to find and/or difficult to breach.  Also, the security aspect of a system is more than just preventing unauthorized access.  I could make the most secure system ever but it may also be the most unusable system ever.  Therefore I utilize the internet and apply the previously mentioned processes.  Once that is done the network admin needs to insure reliable data access which includes automated backups both on and off site and a documented, rehearsed recovery process.

For example over the weekend I assisted my previous employer move some servers from one slow server to a new server.  In the process we upgraded one server and installed another one.  All went well until the IT guy deployed patches on Monday evening and unknowingly told the domain controller server to reboot while unattended.  It didn't go so well and Tuesday morning the server was unavailable.  After three hours of investigating we figured out that the actual cause was a USB drive used for backups.  A combination of the patches and new USB drive caused the server to hang on boot until we unplugged the drive.  It was the first time in 13 years of IT work where I was concerned about loosing data.  I had even started restoring the most recent known good backup, which was about 1.5 days old.  Throughout that entire process we found a weak link in our process.  We run VMware ESXi for virtualization, which requires a software client to manage.  That client is installed on several workstations in the office but the users did not know how to log into the workstation if it couldn't contact the domain controller.  On top of that, the install files for the client software were stored on a network device that also required server authentication to access.  Strike two!  So we tried to download it.  VMware had changed their site and we couldn't find it.  Strike three!  Fortunately the IT guy's workstation booted up when we turned off the domain controller and we could then access the virtualization platform.

Top of the page Bottom of the page


Jump to forum :
Search this forum
Printer friendly version
E-mail a link to this thread

(Delete cookies)