You know better than anyone that being a sysadmin is a difficult, often thankless job. You’re responsible for making sure the technical infrastructure of your organization runs like a well-oiled machine. Sadly, that means that no one notices when you do your job, and everyone immediately comes down on you like a hammer when something goes wrong.
There’s something many of you might not have considered – what if some of these failures are actually your fault? I’m not trying to accuse anyone here, mind you. Sysadmins aren’t technological gods, after all – they’re human, and therefore fallible.
The fact is that you might not be doing everything necessary to keep your servers safe, secure, and running properly. That’s doubly true if you’re new to the profession. But hey – don’t sweat it, that’s where we come in.
Today, we’re going to talk about a few best practices that every sysadmin worth their salt needs to engage in to keep their organization’s servers and networks secure. Let’s get started.
Keep Everything Up To Date
We’ll begin with one of the more obvious pieces of advice. I mean, everyone knows they have to keep their systems and servers up to date, right? That’s basic IT.
If that’s true, then why is the most persistent threat in enterprise not hackers or malware, but outdated systems and applications?
Whatever systems your business uses, whatever tools and apps are in place both server-side and client-side, you need to pay attention to security advisories and ensure everything is kept patched (and in working order). We advise taking a mixed approach to your update cycle – automate things to an extent, but maintain a testing environment so as to ensure that an upcoming patch doesn’t break anything it shouldn’t.
Talk To Your Users
It’s no secret that IT is one of the most hated departments in enterprise. It’s largely a communication failure. IT professionals look on their users as walking security time-bombs, while the users see IT as some nebulous, arrogant, unapproachable collective. The good news here is that it’s actually easier to solve this breakdown in communication than you’d think.
All you have to do is establish an open, honest discourse with your users, where you treat them as equals rather than problems waiting to happen. Ask them about their security pain points, talk to them about what they need to do their job, and show them that you care about their problems. Your department should exist to enable employees at the same time as it protects your organization.
Because if you aren’t making things convenient for them, your users will find their own way to do things – and it won’t be secure.
See To Authentication, Firewalls, and Intrusion Detection
According to Digital Ocean, every corporate network ideally needs three protections in place for it to be considered secure: firewalls, some means of authentication, and an intrusion detection/monitoring system. It’s also worthwhile to look into a VPN solution, so as to allow users to securely access corporate resources while in the field. You’ll have to do your own research here, I’m afraid – there are enough security tools on the web that a review of them warrants its own article (or perhaps even its own series of articles).
Mobile device usage in the enterprise has reached a fever pitch. Consider: 61 percent of employees work outside of the office at least part of the time, and the number of managed mobile devices in enterprise increased by 72 percent from 2014 to 2015 alone. If you aren’t doing your part to enable mobile employees, then you aren’t doing your job.
As an administrator, it falls to you to seek a comprehensive EMM solution that allows mobile employees to use the apps, devices, and resources they require in order to do their jobs. It falls to you to find an EMM platform that allows you and your colleagues to readily monitor and manage scores of applications, smartphones, and tablets. The market’s pretty crowded in that regard, so we advise looking for a solution that meets the following standards:
- Easy integration with existing infrastructure
- Backed by a business with security experience
- Holds a number of third-party security certifications and awards
- Includes systems for file management/DRM
- Easy to use from both an IT and an end-user perspective
Audit, Monitor, and Manage
Last but certainly not least, pay attention to your network. In addition to regularly looking at updates from your intrusion detection system, it’s imperative that you perform regular audits of your server and network security. Examine what services are running, what patches you’ve applied recently, what protocols you have in place for managing security emergencies, and what files are present on your server.
There you have it – a brief primer on some of the things you should be doing as a sysadmin to secure your organization. Don’t worry, all of this stuff isn’t as complex as it sounds. Just follow the advice outlined here, and you’ll be a security pro in no time.
Jamie Madison is the Marketing Director at Steadfast, a leading IT Data Center Service company. Steadfast specializes in highly flexible cloud environments, robust dedicated and colocation hosting, and disaster recovery.