Management vs SysAdmins - Reactives versus Pro-Actives

Despite a succession of incidents involving viruses, worms, hackers and security "holes" in widely used software, real concern about computer security is still at a surprisingly low ebb, says Kentucky-based networking specialist Gary Porter. Porter, who holds Novell's Master CNE qualification, was a keynote speaker at Novell's "one Net summit" in Wellington last week. He was appointed to Novell's major accounts advisory board in 1996.

So who cares about security? "Systems administrators care," Porter told Computerworld. "But management, who make policy for the organisation, generally don't. They see the sys admins as uptight, overcautious individuals who like to have new toys to play with, and use a supposed need for security as a way of getting some of those toys....

Managers 'slack on security'

Managers see the sys admins as "uptight, overcautious individuals"

by Stephen Bell, Auckland

"Managers are reactive. They generally have to be hit hard [by an electronic attack] before they think seriously about security. I'm not sure why that is.

"Users often don't care; we've all seen those passwords on pages from sticky pads, pasted to the monitor."

And surprisingly, he says, systems administrators' attention to security sometimes has significant holes. "I've seen them use the same password for everything, and tell me passwords out loud in others' hearing."

Likewise a lot of users leave their screens unprotected, even failing to log off when they step away for a short time.

Click here to continue reading this article at IDGNet New Zealand