Here in London the TimeOut magazine is a must read (they also have an awesome blog). One of my favourite weekly features is the hilarious and regularly cringe-worthy: “Overheard in London” #wordonthestreet.
The premise is simple, people tweet and submit the weird, witty and humorous stuff they’ve overheard people say in London that week. Here are a few examples to give you a flavour.
"I'm the system administrator. I can do what I want."
- “Cassuis Clay, isn’t he that guy from ‘Rocky IV’?”
- “Sometimes I add the ‘Sent from my iPhone’ to my emails, just to seem super-casual.”
You get the idea. In Friday’s round up this little gem caught my eye and set me thinking about the psychology of those people who look after IT systems in most businesses.
- "I'm the system administrator. I can do what I want."
So what are the chances that your sysadmin has a god complex? Well if they’ve been in their job for some time then the odds are much higher. Traditionally, these roles have been given arbitrary access to all sorts of IT infrastructure and as “Kings of the Network” no one would stand in their way or restrict their access … to anything.
We all understand that attitudes to information security have changed, and that the idea of one individual having limitless access to an entire network infrastructure creates huge risks and heightens the risk of both data breaches and nefarious actions by an insider. After all, Edward Snowden was a system administrator, and we all know how that turned out.
I’m sure there are huge numbers of administrators who are as professional and dedicated as any employee could be, but are even they worth putting your company’s data or reputation at risk? It’s time to control access and where necessary monitor activity to make sure businesses are compliant and secure, that’s in everyone’s best interest.