26/07/2018

Sudo love your admin

Sudo love your admin SMB Security

IT managers are the “hidden champions” of a company - including those who work for G DATA. They work away behind the scenes, ensuring that our networks and PCs run without any problems, tracking down malfunctions and being very patient when it comes to users’ challenges. There is even a very entertaining song about this.

But today, in the light of digitisation and a fast-paced working life, they face new - as well as familiar yet modified - challenges that are perhaps not immediately on everyone’s radar. So we would like to straighten this out and highlight some important points:

The problem lies between the monitor and the chair

“You know all about computers”; “I didn’t do anything”; or “It’s always been like that” are surely some of the commonest sentences system administrators read or hear. And initially, every user assumes that the problem is surely to be found on the computer and not with themselves. But experience makes one thing clear: in the majority of cases, the user is at fault. In this case there is nothing else for the system administrator to do but launch the monitoring tool, connect themselves directly to the user’s PC, or drop by in person to maybe talk it through. One humorous depiction of such a scenario can be seen in British sitcom “The IT Crowd” broadcast in early 2006. Common sources of errors are accidentally disconnected power plugs or cables, pressing the Caps Lock button or an unrecognised password. In the first case, this means that the computer can’t be switched on or the mouse can’t be used. In the latter cases, access to the computer is denied because the Caps Lock is on or the password is unrecognised because it has either been entered incorrectly or is completely out of date. On the subject of passwords, when configuring company computers, good administrators provide a robust template for a strong password. For “World Password Day 2018”, we authored an article on this subject containing seven tips for better account security.

Increased threat to IT security

Who if not us doesn’t understand that IT security is a key issue in every company? All the more so when we take a look at the EU GDPR and consider the sanctions it contains. The concept of “Bring Your Own Device” (BYOD) is increasingly placing a strain on networks and exposing them to threats. Only recently we reported that a new Android malware strain is circulated every 7 seconds. It makes you wonder about a new negative record. What if such malware is active on a private device and this is connected to the corporate network? In this event, it’s worth being prepared for the worst-case scenario and implementing an Incident Readiness Plan. Such a plan is crucial for being able to respond preventively in an emergency. Admins especially need to be able to respond quickly and depend on a set procedure as, at that point, every second counts to avert IT outages or financial damage.

From geek to explainer

The cliché that IT administrators are geeks, usually male, have long hair and wear nerdish T-shirts may be amusing to have in your head, but it is no longer the reality. The fact is, we love our admins because they are a bit different from us. But being different is not a bad thing - quite the opposite: it makes them likeable, and in today’s world that’s also important, as the admin increasingly acts as a trainer, friend, and helper. He is no longer just a colleague who solves problems with mouse clicks and command line entries - plus a bit of magic and fairy dust. Rather, he is a trusted adviser who provides information on security risks. Not everything we read in emails and the like is true. That Nigerian prince hasn’t suddenly got millions of Euros that he wants to transfer to you, and you haven’t won 650,000 Euros in the lottery. The nice guy from next door with a six pack doesn’t want a date with you and the latest iPhone X isn’t really for sale at 249.95 euros. The IT admin sees the human factor as a major security risk for his network. Hence social competence and sensitivity as an explainer is an important attribute, and even a requirement, for an admin. The switch to digitisation cannot just be regarded as a modification and enhancement involving 0s and 1s in programs and networks - the human element also plays a substantial role here.