Conquering the sys-admin challenge

Published by: quocirca on May 09, 2012
Copyright: Attribution Non-commercial

Copyright Quocirca © 2011

Bob Tarzey
Quocirca Ltd
Tel: +44 7900 275517
Email:

Clive Longbottom
Quocirca Ltd
Tel: +44 771 1719 505
Email:
 
Conquering the sys-admin challenge
 
The automation of sys-admin and the management of privilege and compliance
October 2011
Systems administration, or sys-admin as both the task and its practitioners are often abbreviated to, is essential for the smooth running of an organisation’s information technology (IT) infrastructure and business applications. Enabling sys-admins to do their work efficiently and safely throws up many challenges, not least because they need to operate with higher levels of privilege than normal users.

Associating the use of privilege with individual sys-admins is essential for compliance purposes. Ensuring all the data required by auditors is collected and stored is necessary for maintaining infrastructure compliance and is only guaranteed if the processes for doing so are automated. Tools that enable the automation of sys-admin tasks are also the key to reducing error rates, providing the confidence to delegate and making the whole sys-admin process more efficient.

This Quocirca research report presents new data on how well organisations are able to automate their sys-admin procedures, manage the use of privilege and satisfy the requirements of auditors. This should be of interest to those charged with the reliable delivery of IT, and also business managers who understand the importance of IT to their organisations.
 
 
Enabling sys-admins to do their work efficiently and safely throws up many challenges, not least because they need to operate with higher levels of privilege than normal users; a fact that also attracts the interest of auditors.
 
Tools that enable the automation of sys-admin tasks are the key to maintaining infrastructure compliance, reducing error rates, providing the confidence to delegate and making the whole sys-admin process more efficient.
Sys-admins are essential to ensuring the smooth running of IT systems

Systems administration, or sys-admin as both the task and its practitioners are often abbreviated to, is essential for the smooth running of an organisation’s IT infrastructure and applications. The task involves managing high profile servers and the business applications that run on them, and also lower profile equipment such as network routers and switches, load balancers and security devices. Many of these devices are in remote locations and care needs to be taken to ensure that their maintenance is not overlooked.
Limiting the scope of privileged access benefits the sys-admin and their employer

It is easy to grant sys-admins wider ranging privileges to do their jobs than is necessary; this causes two problems. First, sys-admins are as prone to making errors as anyone and the consequences of those errors can be serious if they lead to IT outages. Second, certain standards and regulations require that the actions of individual sys-admins are recorded and auditable. This research shows that most organisations regularly allow sys-admins far more access than they need to do their job, which makes regulatory compliance harder to ensure.
 
Clear association of the use of privilege with individuals is required to put controls in place

Putting controls in place requires each sys-admin to have a unique identity and that using it is the only way they carry out their work; access should also be taken away when no longer needed. This ensures certain bad practices are eliminated, such as the sharing of group sys-admin identities, which, despite being frowned upon by regulators, the current research shows many organisations struggled to get under control. The research also shows that many fail to close down default privileged user accounts supplied with software; a gift to hackers.
Automating tasks helps avoid errors and reduces the amount of mundane work

Few sys-admin tasks are fully automated; those that can be should be as this frees up sys-admins to focus on more valuable activities. Automation also helps to avoid errors, which respondents admit are inevitable. For example, once the identity of a given device is embedded in a script there is no longer a chance that changes will accidentally be made to the wrong device; the research clearly shows that error rates drop if sys-admins no longer need to make educated guesses of device identities.
Identity management and automation increase the confidence to delegate

Not all tasks can be fully automated but the more routine ones can be delegated to junior staff, help desks and/or third party support services. However, many organisations show a reticence to delegate because they feel they are not able to limit the scope of the privilege access they are providing when they do so. They also worry that, having granted such access, it will not get revoked afterwards. These problems can only be mitigated if good identity management is in place. Automation also helps here; if certain tasks can be partially automated it is easier to delegate them without having to spend time tutoring the staff the task has been passed to.
Identity management and automation are key to meeting the demands of auditors

Auditors require certain practices and processes to be in place when it comes to sys-admin and the use of privilege. One appalling practice admitted by some of the respondents was that they make uncontrolled changes to sys-admin procedures immediately prior to audits and then revert to the old ways afterwards. This would surely lead to an audit failure if uncovered. There would be no need for this if better tools were in place. Privilege identity management is essential for compliance and it is also essential to ensure the automated recording of all privilege user activity.
Conclusions:
Having the tools in place that enable the automation of many sys-admin tasks and the management and recording of privilege user activity are the key to reducing error rates, meeting the demands of auditors, ensuring compliance, providing the confidence to delegate and making the whole sys-admin process more efficient.
 
 
 
Introduction – sys-admins and sys-admin
 
IT systems need administrating and that requires system administrators; in the trade, the practitioners that carry out this work are often referred to as sys-admins, as is their work. Sys-admins have a broad range of responsibilities from deploying new software and devices through to managing data and users and disposing of equipment that is no longer wanted. Increasingly, they are also tasked with integrating externally provided IT services with those that they manage internally.

On top of all this, sys-admins play an increasingly important role in ensuring their organisations are in compliance with various regulations. There are two elements to this: first they are guardians of much of the information required by auditors, and reporting this tends to take more and more of their time. Second, their own activities, usually carried out with higher levels of privilege than normal users, are of particular interest to the auditors.

A rough calculation suggests there are between 1 and 2 privileged users for every 100 normal users, at least among smaller organisations (1,000–2,000 employees, Figure 1). This is based on research carried out for this report into sys-admin practices among UK based organisations.

The research investigated the extent of sys-admin bad practices, the controls that are exerted over privileged users, the degree to which sys-admin tasks were being automated and/or delegated and how thoroughly key sys-admin goals were being achieved. Two of the most important goals are ensuring the continuous availability of the IT infrastructure (business continuity) and the recording and preparation of data for auditors for compliance purposes.

This Quocirca research report outlines the state of play in the sys-admin world and should be of interest to any business or IT manager that wants to assess where their organisation stands when it comes to sys-admin practices; the granting, use and management of privileges; and their ability to comply with certain standards and regulations.
Limiting the scope of access for sys-admins
 
All employers would like to think they can trust their employees, but most know that, in some cases, implicit trust will be misplaced. This is a particular worry when it comes to sys-admins because of the privileges they need to do their job. It is not that sys-admins are any more prone to malicious behaviour than other employees (although some are), but that the very privileges they have means that errors they make in carrying out their day-to-day work can have wide ranging and serious consequences.

For example, the failure to back up a server properly (or at all) may mean data is lost and a project is put back by days or weeks; wrongly reconfiguring a network firewall may lead to remote users being locked out of systems they need to access; or spinning down the wrong disk volume for maintenance purposes may leave an email server out of action.
