No matter how you interact with the digital world you will
always come across a person with the title System Administrator (SA). Looking through many websites and definitions
here are some major requirements that are mentioned again and again in every
article I have reviewed:
“The responsibilities of the system administrator typically
include ensuring the uptime, performance, resources, and security of the computers they manage meets the
needs of the users. This includes establishing and managing user
accounts.”
Running
the system is fine – anyone involved in IT has a responsibility that whatever
they administer, develop or design meets the standards required of them. But where do these standards come from? This question leads me onto the next part of
the requirements which is that all SAs should make themselves aware of – the users. Whether or not they like it SAs are there
because users interact with the systems they are meant to maintain and
develop. Too often SAs forget this and
start making demands of the user that are unacceptable. Fair enough, the user must pass stringent security
criteria to gain access to sensitive data, but that is not be at the behest of
the SA – it is because of business rules and because of the law. The SA does not decide on those rules and they
have no other input to the rules except to enforce them. They are, above all, administrators of said
rules but seem in many circumstances to get too big for their booties.
I
have been an Administrator in many of my roles - whether that be systems, databases
or otherwise. I ensure that my systems,
databases, etc. work the way they should and the users never sees the work I do. This may sometimes backfire, insofar as they
will think my job is effortlessly completed and anyone could do my job but that
is rarely the case. I have entered many
organisations whereby gaining access to restricted systems is a painful and
arduous pursuit. I generally have to
work with many systems where the administrators have no idea what collaboration
means. There is usually no central hub
where I can send all of the applications for access to the systems I need to
complete my work, meaning I can be chasing my tail for weeks. Why organisations don’t put a procedure in
place whereby a newbie can get the correct access centrally and efficiently is
beyond me!
As
for my experiences with SAs that should not be in that role, that is equally
abhorrent. I have requested access to
systems where I will be designing and developing solutions to inherent problems
and issues found within the organisation that hired me (challenges or
opportunities are the words that are bandied about these days). Not giving me access won’t stop me. I usually build what I want on my local
machine anyway so that I can guarantee uptime on my own PC. Once built, I will document my solution and once
accepted the current system will now have to reflect the changes that I put
forward. This means the administrators
that refused access now have to adapt and change the existing set-up being
used, meaning they have to work harder.
That’s
the access issue. What about when your
access key (password, card, etc.) is attached to someone else’s profile? This isn’t as rare as you may think. This would mean that I now have access to
someone else’s data because the SA did not do the correct job. The only reason that this bothers me is that
someone else may be attached to my profile.
With the systems that I need to get access to it can be very dangerous
for any organisation, both for sensitivity of data and the changes that could
be made by someone who may have malicious intent.
SAs should get back to what their job is meant to be about. They are there to maintain and administer a system that is both efficient and effective for the user. All systems are put in place because of these reasons, whether IT based or not.
