My impression of our Security Guru!

Well the security situation seems to be percolating to the fore, not that that’s much of a concern to the people working on projects at the moment as the pressure to deliver the project seems to be outweighing the desire to deliver secure systems by a significant margin. Whats new I hear you ask, well as practically all the systems will be replaced over the next two years – it’s such a good opportunity to get the security right that we shouldn’t waste it.

I know that everyone you ask that is involved in the project work will have a different view point when it comes to security, but if the same old protocols are used because it’s much simpler and quicker to do it that way – we’ll have lost a great chance to sort out potential problems. The thing is that once implemented in a production environment with things like RCP and RSH, there will be no chance of moving to more secure protocols for years as the business users will perceive that the risk is high- not the case if we implement the new protocols from the start. Still tomorrow will be password change day and the new password for the root user will be rolled out on all the servers, there is a systems admin leaving today so his access will be revoked tomorrow.

The other job that has popped up is the web server, the email arrived in my inbox saying have you planned out the move. When I checked back through the email trail, the last communication that I’d had had said I’ll let you know what’s happening after the meeting on Monday (the Monday was in June!) – still waiting for that one.  Still tomorrow the Auditors will be visiting one of the offices I think, it could be very interesting – I might get a chance to fudge the reports but then I might not. So security to the fore then, well for a little while anyway.