February Article Up at Simple Talk: Exchange

Date February 27, 2009

My second article is now up and available at Simple Talk: Exchange.

The title is A SysAdmin's Guide to Users, wherein I discuss methods of interpersonal communication and policy writing.

Please check it out, and if you'd rate it, I'd be very appreciative!
Also, if you haven't subscribed to the newsletter, you can do that
here. There are a lot of very informative articles which come out each month, and you don't get spam from it. At least I haven't yet.

I actually wrote 75% of this article in the middle of the night while on my cruise. I woke up at four in the morning, and for some reason I wasn't tired. I wandered down to the all-night restaurant, got an iced tea, and started writing. This is the result.

Oddly enough, a lot of the first article was written at Grand Central Terminal, in the dining level. So apparently to write, I've got to be in a strange location, or a restaurant? My waistline hopes for the "strange location" option.

Thanks! And please check out the article and let me know what you think.

  • David

    I'm going to comment here, if that's OK -- I don't feel like registering at yet another website this week. :)

    I think that where you come down on the policy spectrum is more affected by where you are on the responsibility matrix. What I mean by that is that at many of my early gigs I was "responsible" for security maintenance; however I did not have the "authority" to make the required changes. The end result of this is that I was the designated body to discipline/fire if/when something bad happened.

    As I've gained more experience, I tend to assume I am responsible for security, even if I have not been tasked with it. It means that I have to communicate with management, sometimes right up to the very top (CotB/CEO level), what the security state is, what the risks are, and what changes and costs are required to change the situation. If, and only if, management effectively signs off with something being less secure than it should be do I drop it.

    It does mean I end up being in conflict with individual users and groups at times; but I view my job mandate to ensure the company as a whole succeeds, not just Joe User or Department X. But after doing this for a while you learn how to draw out the users and departments into a discussion with the management and executives. Everybody learns that keeping IT in the loop with regards to technology or connectivity needs makes things go much smoother.

    All this works to ensure not only that the company as a whole has its needs meet, but your ass has (if not bullet-proof) bullet-resistant cover.

    Bottom line is that I think security policy has to be directed from executive or management, not from the sysadmin level. We are the professionals, so we should absolutely advise, but at the end of the day it must be a management decision.

    Given that, though, I agree with much of what you say.

  • Matt

    @David

    Thank you for that very well thought-out reply.

    I do agree that frequently we find ourselves used as the instrument of decisions, rather than the author. It can be frustrating, especially when you disagree with or have personal issues on the action.

    One of the items in the System Administrators' Code of Ethics is to avoid conflicts of interest whenever possible. The "whenever possible" being the key phrase. A solitary admin will still have to be the one to delete his buddy's account. Sad, but that is one of the responsibilities of the job.

    And I completely agree that the progress of the company should be the driving goal of your job. We're fortunate in IT that we're often aware of the big picture, if just because we find ourselves implementing things in all of it.

    And you're welcome to comment on my blog any time you want!

  • Anonymous

    i liked the article.

    On your blog post: i'm pretty sure it's titled and not entitled. You could say, I've entitled: "title", but that just sounds pretentious.

    Not trying to be a nazi, just trying to help. I am not a grammar god, so a could be wrong. I don't have my "Elements of Grammar" with me like I normaly do.

  • Matt

    @Anonymous

    Thanks, I've fixed it. This is why I have an editor at the magazine
    :-)