Comment Re:That's what you get (Score 2) 166
Since you're a member of the 4-digit ID club, then you may just be old and gray enough to have survived more than 10 of them. Are you functional or technical?
This says less about Sony, and more about the judge in the case. According to several ratings websites, Hon. Joseph Spero is pretty new to the Magistrate bench, and has the reputation for being predisposed to siding with government and business 100% of the time. Hopefully there will be an injunction and appeal coming soon on this.
Most cable and DSL ISPs offer a small business plan for exactly what you are doing. You get static IP addresses, reverse DNS, and no blocked ports. This should really be a non-issue.
Also, most of the time, small business IP ranges are outside of the ISP's regular dynamic range, so your chances of being on an RBL are significantly lower.
Mostly, except in very small organizations, there are several implicit safeguards to keep any one person from doing evil with the systems. They are subtle, but effective.
Peer review: Most sysadmins are hired by other sysadmins, or at the very least a technical manager. This means that you are hired based on your skills, reputation, track record, and demonstrated attitude. This means that ideally, you wouldn't even *think* about intentionally subverting a system, because that would mean breaking it or compromising it in some way, and most professional SAs are simply too OCD to allow it.
Business continuity: Most organizations have several layers of continuity in place, such as disaster recovery scenarios, system snapshots, monitoring, and auditing. This means that unless you are VERY subtle, or work for an entirely incompetent team, you WILL get caught, and the damage will be minimized as you are being put into a police car, never to work in IT again.
There are no "indispensable people:" If you are a sysadmin, and you are the only one who knows your systems, you have not done your job. Every system and app should be documented, and there should be accountability for every change and decision.
No technical solution will ever replace good management and planning, and a design that eliminates the vulnerabilities of a system to rogue sysadmins will also eliminate its flexibility. It's just a lot cheaper and easier to try and run a good shop.
I'm guessing your work email address ends in
If you're like most IT managers, you probably have a budget. Which is probably wholly inadequate for immediately and elegantly solving your problems.
Look at your company's business, and how the different offices interact with each other, and with your customers. By just upgrading existing infrastructure, you may be putting some of the money and time where it's not needed, instead of just shutting down a service or migrating it to something more modern or easier to manage. Free is not always better, unless your time has no value.
Pick a few projects to help you get a handle on the things that need more planning, and try and put out any fires as quickly as possible, without committing to a long-term technology plan for remediation.
Your objective is to make the transition as boring as possible for the end users, except for the parts where things just start to work better.
"Engineering without management is art." -- Jeff Johnson