Security Threat Most System Administrators Are Not Aware Of

Most System Administrators are always well-informed about external threats to any computer systems they are administering. Their server rooms or data center, in case of large organizations, is equipped with the latest devices and software to counter these threats. External threats may be the biggest doom for any System Administrators, but there are also threats that can be as risky - threats and attacks from within. And would you be surprised if I say that employees are the biggest source of internal security threats.

However, much of these are done by corporate users unintentionally, more out of ignorance than out of arrogance. Employees just do the things they know how to, without even trying to learn the consequences of their actions. Below I listed some of the more popular issues employees make that make them an internal security threat:

Employees are most often the cause of virus infections
There are several ways corporate users unknowingly infect the network with viruses. First and most common is the clicking without thinking habit. Oftentimes it happens when an employee receives an email with an attachment even if the email came from someone they do not know. Their curiosity will get the better of them. It is only after several hours or could even be days that the user will send a complaint to the IT department. Which at this time the virus might have already spread to a large number of computers inside the company network.

Another common way employees infect viruses in the company network is through those common USB dongles or SD cards. These devices are used to connect into different computers or devices other than those that belong to the network. If the computer the dongle or card was attached on has a very weak security or anti-virus system, then surely it is capable of infecting other computers. This is also another way of spreading the virus within the network.

Improper use of passwords
The most common issue among employees. Aside from not knowing how critical having a strong password is, users can sometimes make the mistake of lending their passwords to other co-workers. This practice is common among those who have close relationships with each other. But the trouble comes when the passing of the password become out of control. The original user might not be able to trace how far the password may have traveled to.

Incorrect use of file sharing/permissions
Even if a company has an ERP system running on its network, every user will have its own file directory stored on their workstation. And mind you that these files are sure to contain valuable company data. Some of these confidential data may be stored on networked storage. The trouble is they do not know how to secure these folders and leave the default permission as is, which is easy to share with or "networkable". This could lead to trouble if accessed by unauthorized or disgruntled employees.

Unauthorized machines or devices
Sometimes employees may bring their own laptops or phone to the office. Either they use it in their work or for other reasons. Most likely it is to connect into the company internet connection. Either they use it for internet surfing or for work, the device will be able to enter the company network. If the security system of that device is low then it is a possible source of a threat.

Unauthorized use of the internet
Let's face it, internet usage has become somewhat indispensable to the way we work. Whether the company uses the cloud or not, employees will in one way or another have to access the internet in the performance of their tasks. But you cannot monitor each user's internet usage every hour of the day. System administrators may institute some policies and rules, but these are oftentimes not being followed. Some may block some web sites, but when employees learn how to use proxies, then a work around the firewall is possible. When this happens then productivity suffers or worse, the web site visited may contain malware that can potentially harm the network without the employee realizing it.

Unauthorized installations of software
I've seen some companies who are very lax in the administration of their networks. Most of the time this is also due to management not being aware of the different threats in their company network. They do not want so stringent rules. But giving in to this situation will bring trouble not only to the company network but to the System Administrator himself. Surely, this laxity will be exploited by employees. If this happens, you will find different types of applications and software not necessary for the work of the employees installed in their workstation. Most of these unauthorized applications are for gaming. Or if not, the worse is that the applications will by unlicensed. Software piracy means a very costly trouble for the company.

These are the most common ways employees become an internal threat to any company network. There could be other ways. Every System administrators must be aware of this else it becomes their disadvantage. They must also learn how to teach each employees the proper way to use the computer, how to keep safe online and their limitations in using company network. Management must also support policies on internet, email and company network usage formulated by the System Administrators. They were hired to do their work in protecting company networks from all threats - external and internal.

The Power of Team-Work

Remember this Coke ad? It's a bit entertaining but it does have a subtle message - what team work can achieve.

Positive Attitude is Everything

It's a hard day... but with a positive attitude?

A Most Fulfilling Opportunity For Any Project Manager

Recently, I had a meeting with a friend who consulted me regarding his office computer network. There I was able to meet a young and affable businessman who has a heart for the poor youth. His business is into web development specializing in graphics. As we were discussing some business ideas, he raised his desire to put up a program to help the underprivileged youth and train them in graphic design. I let him explain, but the idea he presented was for me, still very vague. It is a noble intention worthy to be pursued. With careful planning it can be a very fulfilling project. For him and for any project manager.

Since, I was once involved in a program who ministered to youth development and poverty alleviation, as a project manager I offered him some concrete ideas on how to make his noble desire a reality and most importantly, viable and sustainable.

I presented to him three deliverables: Education, Employability or Entrepreneurship, Excellence and Ethics. These three, I believe are the most important aspects in developing the youth to help them gain talents which they can use to alleviate their economic condition and to become responsible citizens of this country.

Education
In my experience with the out of school youth, their academic life starts to wane when they reach an age where they are able to find menial jobs, or worse, a gang where they feel they can belong to. Most are males. Statistics show that males are the most susceptible to drop out of school not only because of poverty but mainly for lack of proper guidance from parents or guardians. When they turn to neighborhood gangs, their lives turn to hooliganism. Sad, but it is very true and this is the reality. Thereafter they are stuck to doing menial jobs most of their lives because they lack the necessary skills or training.

The first process then is to enhance their basic literacy in the three R's - reading, writing and arithmetic. My experience shows that these youth may be able to read, but can only comprehend a little of what they have read. It is understandable since most of them might only have three or four years of schooling.

Fortunately, the education department has a program for these out of school youth. It is called the Non-Formal Education Program or NFE. The youth does not have to be enrolled in a formal school setting but will be taught lessons that can enhance their comprehension guided by an DepEd accredited NFE teacher. After completing the required lessons, a certification shall be awarded to the youth depending on the level of the NFE training - elementary or high school - they received. But this program is not a substitute for the formal education, it is only a stop gap remedy for the youth to catch up on the lost years he should have been in school. Enhancing their capacity to comprehend is the objective of the first deliverable.

Employability or Entrepreneurship
After their comprehension and literacy is satisfied, then it becomes viable to give them skill training to make them employable or better to enhance their entrepreneurial spirit.

Let's get back to what was discussed - graphic design. Teaching them just the basics of graphic designing won't be enough. We have to take into consideration the environment they lived and grew up in. What influenced them. In my experience, I found that their paradigms and creativity, though they may have the talent, are limited. Mainly due to lack of self-confidence or knowledge.

Therefor in designing a curriculum for their graphic design training, how to appreciate art - classical, abstract, contemporary - has to be included. This would then be the foundation of their graphic and artistic talent,confidence and paradigm building.

Excellence and Ethics
Lastly, but importantly, they have to be taught how to love their work or trade and how to be competitive in the real world. Remember they may have come from a home or community environment that is less than desirable. They may have been gang members living on the edge or in conflict with the law. Thus, it is also important that they have to undergo moral and personality development.

Business is governed by ethical standards. There are written or unwritten rules that must be respected. In other words, to succeed, one has to have integrity. He has to earn respectability by being trustworthy not only in his work or trade but in life, whether he is employed or a businessman or tradesman.

Fulfillment of a Project Manager
As in any project or program, it has to be viable and sustainable. There will always be a lot of processes involved. Helping and training the poor to alleviate his economic condition is not an exemption. If is to be done, it has to be done in an exemplary way. The project presented here may be taken as one holistic approach if budget and resources will permit or may be broken down into smaller and more manageable endeavor.

People development are more complex but has a far reaching effect on one's inner being than developing any product or services. But if done with love and  inspiration, it will be the most fulfilling opportunity for any project manager. Nothing beats achieving an objective that benefits people in need. Take my word for it.

So What If It Isn't Working As Planned?

You and everyone else thought you have a wonderful project plan. All seemed to be well thought out. The team is on a high note and are raring to start. The other stakeholders are just about as excited and are more than willing to give you the budget and their most sought-after approval and support. Great!

The project is going fine and according to schedule. However, towards some stages, problems keep on cropping up threatening the whole project. There could be a number of reasons why projects can falter aside from a bad project plan design: office politics, vendor delays, equipment malfunctions, or even team members' waning or lack of interests.

When everything seems to be going adversely, what do we do? Of course there is no use fretting or sulking in a corner. Rather, make it an opportunity to show and test the mettle of your leadership.

First, we have to admit the problem exists. Don't play the blame game, nothing will come out of it. Rather, as the leader of the team, have the guts to accept the problem exists and is staring us in the face. Avoiding it or sidestepping on it will not help in hurdling the problem. If it is an oversight, have the courage to let it be known by all the stakeholders squarely.

Second, make the necessary adjustments or changes. Once you have admitted the problem exists, gather all your strengths and assets to make all the necessary adjustments on the original plan. This option is sometimes the only way to save the project and worse, your job or your career. Document everything especially the changes that have to be done. After you have made a viable secondary option, share it with all those concerned - from the one with greatest influence to the one with the least. Do not leave anyone out in the cold. Remember three things: one, communication is always the key to success; two, teamwork can spell the difference, no one person can take all the credits; and three, the blame cannot be shared but will only fall on one shoulder - yours.

Third, reach out to all the persons concerned - team members, stakeholders even second or third parties that may be involved. Negotiate, compromise, whatever it takes to complete the project. Take also into consideration the culture and the politics involve within the organization. Use the political inclination of each influential stakeholder and use it to the advantage of the project.

Sometimes all it takes is a little courage to straighten things out and come out blazing. Again, it all starts from you.

Further Reading Resources:
What to do when your solution doesn't work
Ron Ashkenas: Use Office Politics to Your Advantage
Ron Askenas: Why you should question your culture

Evolution or Extinction?

An organization is a place where people of diverse backgrounds and competencies converge. Where people function according to the abilities they can contribute. A place where they are finally given the opportunity to show their prowess after years of training and studies.

But an organization is never static, it is dynamic. It has to evolve with the changing times or be left out and die. The same is true with the people involved in the organization. People has to be able to keep pace with the ever changing environment and the way tasks are done. What they have trained for years might not anymore be suitable tomorrow.

Take for instance the world of computers and technology, the pace is hectic and dizzying. With this kind of situation an IT person has no other choice but to evolve as fast. Newer technologies are ever changing the way consumers and enterprises do their computing tasks - tablets, the clouds and mobility. The rules keep on changing, there is no room for stagnation. So how do we keep with the pace? Below I share the right moves I have done. These tips are based on my experiences and could be considered an expert advise. I am sure that these are not limited to the environment I work with.

1. Keep abreast with the latest technology or techniques. Knowledge is power. With the power of the internet information and reading materials are readily available than it was say, ten or fifteen years ago. It is now easy to find the right materials and information to hone your skills and learning. Do not let your competencies stagnate to what it was three or five years ago. Try to learn new abilities and skills. Education is a constant renewal and development of  yourself.

2. Change your attitude. First it all starts with you and you alone. No one can do it for you. Either you  use your time wisely or not, it all depends on you alone. I've seen many people who have not developed their yearning for knowledge, or even if they do, they seem can't find the time to do it. There are also people who are afraid or do not have the confidence to show their creativity and talent. These people seem to be content to be followers, not innovators. All great men are innovators. They were able to to conquer their own self and have mustered the courage to stand up and show the way.

3. Be pro-active. You work in an organization that is always on the go. There are people working with you. You do not work alone, you have to work as a team.There will always be tasks to be done by the team. But everything does not always work like clockwork. There will be times that problem will arise and this is not seldom, I tell you. Try to understand the whole work process you are involved with and be aware of each member's or the team's progress. Try to help other team members if you find that they are having a hard time doing their task and if they are holding back the team. Do not wait for a problem to develop before you make your move and react. Act ahead and act decisively.

So there you have it, some words of wisdom, though it may not be complete but otherwise are very important, to help you evolve with the fast changing time. Do not allow to see yourself irrelevant, out there in the rain, out of job or worse, depressed and longing for the time and opportunity that was lost. Evolution or extinction, its your only option.