We <3 SysAdmins

 In ITC's Threat of the Week

Today marks the 17th SysAdmin day billed as the ‘ single greatest 24 hours on the planet’ by the day’s totally unbiased founders, here.

The premise is this: SysAdmins and SysOps staff sit in the background and work long, often unpleasant hours getting the stuff done that keeps everything available and secure.

Today is the day for the user nation to rise as one and pat the SysAdmins on the back and thank them for a job well done, maybe buy them some pizza, or some beer or just give them a hug.

The world is waking up to the incredible value of this hidden army, slaving away in un-windowed basement offices chasing bugs, changing rules and keeping the ship straight. Unfortunately, not for all of the right reasons.

In Texas this week a former employee of CitiBank was given a 21 months prison sentence for deleting the configurations of the bank’s core routers in December 2013. A fact he pleaded guilty to the following February.

Having been reprimanded for poor performance, Lennon Ray Brown decided to stick one to his employer, presumably as he left the building, and clearly without understanding just how seriously this sort of activity would be perceived by the courts.

What probably didn’t work in Lennon’s favour was the two and a half year gap between his confession and sentencing, during which the world has moved on considerably and cyber crime is all over the news. Imagine?

The message from this case is very clear. Deliberate abuse of privilege will be thoroughly investigated, the rogue admins (who are letting the side down for the huge majority) will be caught, will be prosecuted and can expect to do the sort of jail time that drug dealers, serial burglars and other lowlifes receive.

The management and use of privilege is a hugely complex and fast moving area. ITC’s NetSure360° managed security service has use cases to alert on specific privilege events, such as privilege escalation in specific physical areas of the infrastructure, e.g. the front office, during business hours, or by specific users.

This is a very serious issue for both SysAdmins and the broader community. The development and maturity of effective controls and tooling is moving on at a dizzy pace and ITC, like all of you, is continually researching the market and the art of the possible. Watch this space.

In the meantime, to all the decent hardworking systems people at service providers and small to humungous enterprises, have a great SysAdmin day. You deserve it.

If you would like to discuss privilege or least privilege with one of our (guaranteed zero privilege) consultants, please contact us at: [email protected] or call us on 020 7517 3900.

Author: Kevin Whelan

Recent Posts

Leave a Comment

Tel:
+44 (0) 20 7517 3900

 

Contact ITC Secure

If you have a question, request, comment or requirement, please send us an email now and we will get back to you by return