"At one point he was concerned about the security of the FiberWAN routers in remote offices, so he had them set up without saving the config to flash. "If they go down, I'll get alerted, and connect up to them and reload the config." Great, except we have power outages all the time in this city, some of those devices aren't on UPSs, and what happens if you're on vacation? And what about the 15 to 60 minutes it might take you to connect up and reload? He eventually conceded and (ahem) decided that disabling password recovery was sufficient security."
After reading that, would you reboot any of those routers? Source
All production system-level passwords must be part of the security administered global password management database.
In fact, if the passwords had been in that database, then he would A) probably never have been asked for them and B) would have been able to say "you need to request access from the security department."
Now HE may have thought they were "user" passwords because the system was his baby, but if you truly agree with that
Don't bankrupt the taxpayers because PA residents pay school taxes by district
Ha, the school districts around here ALREADY do their damnedest to bankrupt the homeowners in their districts.
He was in custody Friday night, pending charges that could include criminal nuisance, endangering the welfare of a minor and obstructing government administration, Smith said.
And no, I'm not new here.
So in July 09 it seems that the "count everyone" unemployment rate was 16.5% while the "official" rate was 9.5%. That includes discouraged workers, those who took a part-time job, and anyone else classified as a marginally attached worker.
And how exactly do you pull off being exact and punctual while being sloppy and unable to figure out what time it is from being drunk?
Practice... lots and lots of practices. Speaking of which it's time for me to do some practicing.
>>What sort of security do you put on your backup infrastructure?
I guess it depends how valuable the data is, how current it needs to be. Does it need to be kept secret or simply kept uncorrupted? How fast do you need to access these backups? The harder for you, potentially the more secure.
For starters let's have a copy off-line in a location where the servers are not. Heck, choose another location for more security. I am thinking: A tape and a DVD in a safe with a lock on it. And another somewhere else.
If you really need to keep it safe, commit it all to memory and then shoot yourself in the temple.
I think you are missing an even bigger problem. How many of your servers does your backup infrastructure have admin access to - or, if not admin, elevated access? Are your backups a push or pull? If they are a pull, you now have INBOUND firewall rules from your backup segment into your other network segments allowing the backup server to talk and start the pull. Or if you have a backup segment, there is no firewall protection, except host-based firewalls, which have rules to allow the backup server to talk.
Yes, having multiple copies is a good idea, but backups are a very dangerous thing security-wise if not done right and secured properly.
I don't have any issues with boot time in Windows 7. It's up and running in about 20 seconds.
And how many applications are installed? Unless MS does something amazing, once you finish installing Office, Windows boot times traditionally go out the window. And every application thereafter makes it worse. Also, keep in mind that what people are perceiving as boot time is from off to a useable state. For a server this means off -> services running. For a user PC this means off -> fully logged in and can launch applications.
Actually quite a few - I use it as my main work machine now with an XP laptop as backup. The full Office suite, all of my remote admin tools, VMWare Client, IM, etc. Using your definition of usable: fully logged in and can launch applications, my machine is usable in about 30-45 seconds from off, and this includes the time it takes me to enter my username/password at 9am before I've finished my first cup o' joe. I'm actually working in about 3-5 mins from boot, Outlook up, IM up and possibly a few SSH sessions and RDP sessions going, depending on what I need to check in the morning.
Build a system that even a fool can use and only a fool will want to use it.