|
||||||||||
|
||||||||||
This is an archive site only. It is no longer maintained.
You can not post comments. You can not make an account. Your email
will not be read. Please read this
page if you have questions. |
||||||||||
Lessons of 9/11 for the System Administrator
In the wake of the tragedy of 9/11, what lessons can a System Administrator learn? This article highlights the bitter lessons of 9/11, and helps you prepare for such disasters. |
|||
1) Have a good, tested backup plan.
There are companies that were housed in the WTC that went out of business on 9/11, and there were companies that were housed in the WTC that were open for business in a day or two. A safe, tested backup policy can make all the difference. Be sure to have adequately sized tape drives for backup. Come in on a weekend or two and recreate a server from backup tapes, so you know how long it takes. Document everything, and prepare for growth. If you find that you've outgrown your backup capacity, upgrade now while the horror of 9/11 is still fresh on those controlling the pursestrings. 1a) Have offsite backup. Keeping backup tapes in the storage closet is no longer good enough. You need backup tapes stored offsite. The ideal offsite storage is an abandoned coal mine or limestone mine in Apalachia (the locals work cheap, the state governments are willing, and the locals aren't sophisticated to know what to do with 4mm dat tapes). If your company doesn't have the cash for that, offer to move into a bigger house or apartment, with one room being locked and fireproofed to store backup tapes. Of course, you will need a modest stipend to pay for your larger quarters. 1b) Offsite backup machines While many of the WTC affected companies were donated PC's by the PC manufactuers, you may not have that luxury, especially if your disaster is not photogenic enough, or terrorist related. It makes sense to have a few high end workstations and a server in your house, for immediate use in case of disaster (until then, can you say LAN party?). 2) Have a disaster plan Think of the worst things that can happen to your company, and work out a response. Power loss, flooding, plain crash, riots, anything that will disrupt your company needs to have a plan made for. If your company doesn't have a disaster preparedness officer, get one. And who else has experience with sudden failures and crashed, but you? Once you've assumed the mantle of Disaster co-ordinator, brainstorm every possible disaster (Tom Clancy noel's become a business expense), and work out a response. Have monthly drills, so the peons get used to your authority. Along with this added responsibility, you should lobby for a larger salary, and a better sounding title. May I suggest Vice-President for Disaster Planning. 3) Be aware of who you hire Your biggest danger is from a terrorist on the inside, be careful of whom you hire. It would be nice to only hire Americans, but in the land where Wrestling biographies are on the top ten bestsellers list, Americans who can handle a computer are becoming rarer and rarer. The few that are compentent with computers tend to have attitudes, if not allowed to waste hours a day surfing the web for pornography and weblogs, they get whiny and cantankerous. So, I give you a rundown of various foriegners; who to hire, who to avoid. Europeans: Western Europeans have been spoiled by their socialist nanny-state, and will be loathe to work more than 35 hours a week. Eastern Europeans are very smart, and work cheap, but usually come with organized crime ties. What you make up on cheap salaries you lose on disappearing laptops. If you have a good source of old laptops, a Russian may be your best choice. Arabs: Have the lessons of 9/11 taught you nothing? Al Qeada sleeper agents have been in the US for years, do you want to take the chance that the cheap camel jockey you hire is possibly a terrorist? Don't make Henry Ford's mistake and assume that because you both hate Jews, you will get along. Point any Arabic applicants down the road to the Yemenese-owned mini-mart, and save a copy of their resume for the FBI. Of course, in Detroit you may have trouble not hiring Arabs, they're everywhere. Asians: You're getting better. They work cheap, they have a good, tireless antlike work ethic, they're smart, and they're women are cute. On the negative side, they're likely to leave you to start an Asian company, using you rpropietary technology. Handle with caution, they're reliable if you can get them married to an American. Indians: Now we're talking. They work cheap, they're smart, and they're women are cute. Plus, centuries of British rule have made them very respectful of any white-skinned English speaking person. 4) Increase security If there's anything 9/11 has taught us, it's that we can't be too secure. As the System Administrator, you are in the front lines of any IT-driven terrorist activities, you need to maintain a proactive stance in detecting, responding and neutralizing threats to your IT infrastructure. I suggest a three pronged defensive triad; watch network traffic, secure your server room[s], and arm yourself and your trusted lieutenants. 4a) Monitor email, tcp/ip traffic There have been countless books and articles written on monitoring email and tcp/ip traffic.I can add little new to that except to watch out for frequent traffic to known hacker sites, such as Slashdot and HardOCP, for any terrorist intending IT-terrorism will surely have a few hackers in their pocket. Also, do not let yourself be hampered by ethics from a kinder time. Perhaps the tragedy of 9-11 would have been lessened if a few more busybodies had snooped in thier users email. Plus, you might get lucky. 4b) Fortify the server room Re-examine your server room with a critical eye. Is the door steel? Is the card reader unpickable? Do you have a separate oxygen supply, and enough food and water to last for a day or two? What arms do you have to hold off an attack? Yes, arms. It's obvious that relying on passive defenses will no longer stop determined terrorists, and the police may not be able to provide immediate assistance. You need a gun or guns in your server room that are easy to handle, and will provide man-stopping power. I suggest a shotgun for starters. For a minimum, I would suggest a military/police style shotgun, loaded with deer slugs or ball. If you're a Matrix fan, like msot geeks, I would suggest a Streetsweeper", though they are pricey. If you're on a more reasonable budget, you can't go wrong with a Mossberg. Now, some of you are saying, what about an M-16? Well, thanks to Billary, getting a decent pre-ban AR-15 is hard, and the firepower is generally overkill for all but the largest corporate sites and nuclear power plants. Leave the assault weapons to the pros. 4c) Arm yourself Picture this, you're at the server room door, keying the cypher-lock, when several swarthy terrorists rush towards you, brandishing box cutters. Would you prefer: a) Employee manual, detailing that firearms are prohibited on the premises b) 9mm Beretta with frangible bullets, for limiting damage to sensitive computers. It's clear that the old employee regulations forbidding handguns on work premises need to be rewritten for IT personel. You need to carry a sidearm to protect the corporate IT infrastructure from physical attack. What you carry depends upon whether your enemies might know that you carry, if no one knows you carry a gun, a pocket gun might be a good choice. On the other hand, if it's know you are armed, expect to be confronted by armed attackers. Some good choices for an easily concealed (smaller than a Palm) pocket guns are: http://www.a-human-right.com/RKBA/p32/size.html NAA Guardian sells for about $450 with two magazines and Seecamp for around http://www.seecamp32.com/ Some good choicesfor the more heavily armed administrator are: a) 1911 Colt .45: This gun oozes history, and the .45 caliber bullets proved their gook-stopping power in the Phillipines. b) Beretta 9mm: Standard US military sidearm, if you hire ex-military men they will already be trained. c) Glock: For the X-files fans. d) Desert Eagle .50: For the Matrix fans. One caveat, if you're the normal, scrawny, wimpy geek with bird like arms, arrange to test fire a few different handguns so that you can see what you can handle. A .25 or two in the torso is a lot more effective than a few .357 magnums in the ceiling because your wimpy ass can't handle the recoil. 5) Keep key personnel offsite
6) Keep personal contact to a minimum.
|