System administrators are only human and are prone to make mistakes. IT systems can’t run themselves all the time and that’s why system administrators are required to intervene at some point. Due to the nature of the system administrator’s job, he or she gets a higher level of access to IT infrastructure than normal users.
When system admins take actions that are not expected of them, then there can be grave consequences. For example, the system admin might abuse the privilege for their own malicious intentions, for example, to steal important data.
System admins are also prime targets for identity thefts via techniques like spear phishing. However, the primary problem is that they are humans and are bound to make mistakes. However, systems administration can be made safer and better with the following tips.
Improving systems administration
Know the privileged users
Some standards and regulations make a statement about privileges; group admin accounts are not allowed at all. In fact, group accounts must be blocked, and privileged access should only be through identities that are associated with individuals.
Legacy privileged accounts must be closed
This includes all the default accounts that are provided with application and system software. It also includes the accounts that are being used for searching and closing the right tools as well as the accounts of those system admins that have left the organization.
Find ways to reduce system administration errors
According to research, on average, a system admin has an error rate of around 6% which leads to a wastage of time. However, with the help of system admin tools, one can get guidance to the correct devices, and the actions can be double checked thus reducing errors. Similarly, mundane tasks can be automated to avoid errors.
The access should be limited
Errors can also be avoided by granting the system admins the privilege to only those devices that require short-term maintenance. Instead of providing ongoing access, they should be granted a small range of devices for a short period, just enough to complete the task.
Encrypt the login details
The majority of the tasks assigned to system admins involve the maintenance of remote devices which needs the login details, as well as the instructions of the task, often embedded in scripts. However, it is common practice to do this in clear text. Since this provides an easy target for hackers, all the transmissions must be encrypted.
Make a backup of all IT devices
At one point or the other, IT devices are bound to fail. However, they can be recovered and set up once more in a short time. While many organizations emphasize on backing up servers, they hardly focus on backing up security devices and network, thus failing to realize that the failure of the two can be disastrous for IT access too. A regular backup of such devices must be made, and it should be stored securely so that it’s not stolen. The best method is to automate such backups.
Limit the access of system admins to data
To complete their assigned tasks, system admins only need systems’ data, and they have no use of business data; however, their privileges gives them access to both. Thus, to protect data, their access must be limited using the appropriate tools.
Dispose of old devices safely
Remember that all IT devices contain data that hackers can use for their own benefit. For example, content filters, load balancers, and firewalls have user details, system log files, and network-access settings. Therefore, before disposing of any device, make sure that all the data is deleted and all the hard disks that are involved are completely destroyed.
Prepare yourself to face auditors
Auditors are quite interested in what privileged users are doing. Thus, one must not only know how to associate a given system admin with their actions, but privileged user monitoring complete audit trail of the admin history of a device must also be kept. However, this trail can only be maintained if the access provided to the device is controlled. Similarly, the trail can only be maintained if the tools that provide the access keep a detailed record.
Do not assign system admins donkey work
One reason why system admins end up making mistakes is the fact that a majority of their tasks are repetitive and mundane. So, automating some aspects of their tasks and using procedures and tools to allow safe delegation to temporary and junior can also relieve system admins from dull work. Thus, system admins are then free to do productive tasks which in turn increase the value that IT provides to the company or organization.