Rogue Admins
I think we have all read about the Network Administrator in San Francisco who locked everyone out of the network. It is horrible that this happened.
After thinking about it, numerous clients could be at risk. The city of San Francisco had a very big IT staff, and someone audited the system and found he had changed passwords and had also installed rogue software.
In most small to medium businesses, the Administrator is not watched or monitored. They usually trust the administrator. I have walked into situations that could have ended badly. They had no documentation and an admin who was being fired.
I believe all businesses should have an audit of their systems. Audits will reveal if backups are working and security best practices are being followed.
The other item I recommend for medium-sized clients is to install software that will help monitor system changes. A product called CAT Tools works well. It will capture the configurations every night and can email you with what changed. If changes are happening, you will be notified.
Putting the correct audit controls in place will help catch this kind of activity.
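To show what a nightly configuration comparison looks like, here is an added example (not part of the original post, and not how CAT Tools works internally). It compares two captured device configurations, ignores lines that change on every capture, and lists account and credential changes first; the Cisco IOS-style sample configs, the pattern lists and the function names are assumptions made for the illustration.

```python
import difflib
import re

# Lines that differ on every capture without a real change (Cisco IOS-style, assumed).
VOLATILE = re.compile(r"^(! Last configuration change|ntp clock-period)")
# Changes to review first: accounts, credentials, remote access (assumed patterns).
SENSITIVE = re.compile(
    r"^\s*(no\s+)?(username|enable\s+(secret|password)|snmp-server\s+community|aaa\s|line\s+vty)",
    re.IGNORECASE)

def normalize(config):
    """Drop volatile lines and trailing whitespace so only real edits show up."""
    return [ln.rstrip() for ln in config.splitlines() if not VOLATILE.match(ln)]

def change_report(previous, current):
    """Compare two snapshots; return None if nothing meaningful changed."""
    added, removed = [], []
    for ln in difflib.ndiff(normalize(previous), normalize(current)):
        if ln.startswith("+ "):
            added.append(ln[2:])
        elif ln.startswith("- "):
            removed.append(ln[2:])
    if not added and not removed:
        return None
    sensitive = [ln for ln in added + removed if SENSITIVE.search(ln)]
    return {"added": added, "removed": removed, "sensitive": sensitive}

# Constructed sample snapshots (not from any real device).
LAST_NIGHT = """\
! Last configuration change at 01:00:03 UTC
hostname edge-rtr-01
enable secret 5 $1$CONSTRUCTED$aaaa
username netops privilege 15 secret 5 $1$CONSTRUCTED$bbbb
interface FastEthernet0/0
 description uplink
ntp clock-period 17180012
"""
TONIGHT = """\
! Last configuration change at 23:41:57 UTC
hostname edge-rtr-01
enable secret 5 $1$CONSTRUCTED$cccc
username netops privilege 15 secret 5 $1$CONSTRUCTED$bbbb
username tmpadmin privilege 15 secret 5 $1$CONSTRUCTED$dddd
interface FastEthernet0/0
 description uplink to core
ntp clock-period 17180044
"""

if __name__ == "__main__":
    report = change_report(LAST_NIGHT, TONIGHT)
    for key in ("sensitive", "added", "removed"):
        print(key, *report[key], sep="\n  ")
```

The report should go to someone other than the administrator whose changes it records, otherwise the check can be silenced by the person it is meant to watch.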
Labels: Security

