Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

30 Years a Sysadmin

Sandra Henry-Stocker | Oct. 1, 2015
Looking back after spending more than 30 years as a Unix systems administrator, I have to say that's it's been quite a ride.

Virtualization has become a major factor in our data centers.  Many of our servers are now just segments of resources on larger servers, able to be shrunk and grown as needed to meet our demands, and easily migrated to alternate data centers as needed.

Most of us rely on fairly versatile ticketing systems to keep track of all the problems that we are addressing and tasks waiting to be completed.  We might be "just" doing systems administration, but that role has moved heavily into managing security, controlling access to a wide range of resources, analyzing network traffic, scrutinizing log files, and fixing the chinks on our cyber armor.

Security

In the early part of my career (maybe the first ten years or so), security was fairly lax. Maybe we forced our users to change their passwords every year. I remember once writing a program to pseudorandomly generate passwords by clumping two short words together, but it was nothing like what I do today. Security in those days was not a hot item and most of the people that I worked with were far more cavalier than I. When one of our speakers at a Sun User Group conference that I helped organize in the 1990s suggested that we all think like attackers, the thought seemed quite revolutionary.

This aspect our being a sysadmin has undergone more change than likely any other. Today, you're irresponsible if you're not behaving in a manner that might have seemed paranoid 20 years ago. The tools we use and the measures we go to in order to secure our systems are orders of magnitude beyond anything we would have considered back then. Passwords are longer and the systems we manage allow us to configure complexity measures. The suggested password length has gone from 7-8 characters to 12-14 and the expiration times have gone from once a year to once every three or four months for most of us.

In addition, the tools that we use have become dramatically more sophisticated. To some extent, we do become the attackers, using vulnerability testers like Nessus and Nexpose that discover the holes in our systems (hopefully before our attackers do) and sometimes even exploit them. We're also on the lookout with intrusion detection systems watching for signs of malicious activity and data loss prevention tools trying to keep our organizational "jewels" from leaking out the back door. And following a briefing with Palo Alto just yesterday, I don't imagine that I'll ever think of firewalls in the same old way again. They're moving from the perimeter of our organizations into the middle of everything we do. They're smarter, faster, and they're focused on what's happening, not just on what doors (i.e., ports) the traffic is moving through.

 

Previous Page  1  2  3  4  5  6  Next Page 

Sign up for Computerworld eNewsletters.