November 29th, 2005, 07:13 PM
This wide world of IT!
Support pilot fish is on the payroll of a U.S. outsourcer, and the big client company he works for uses SecurID tokens for access to all its Unix systems. "Apparently they don't trust their Unix admins and like to segment authority," grumbles fish.
Authority for security isn't segmented, though. It's all in one place: half a globe away in Australia.
"I responded to a trouble ticket and attempted to switch to the superuser account in the target server," fish says. "But the security group had me in the wrong access group for that server and my attempt failed repeatedly.
"I got in another way to complete the work, then sent e-mail to the security group to get the problem cleared up. They said it was fixed."
Then fish leaves for a four-day weekend: the Thanksgiving holiday in the U.S.
Meanwhile, there's no day off for the security group in Australia. They send fish e-mail on Thursday, notifying him that his account may be suspended if he doesn't respond within 24 hours.
On Friday, the security group sends fish another message: His account has been suspended.
"Did I mention that they respond to e-mail during Australian business hours?" says fish.
"Fast-forward to Monday. I send e-mail to the security group to get my account unlocked. It's late in the day, still with no response. And there's a critical server problem.
"But the only way I can log into a server barely three miles from me is to phone someone in Australia."
\"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts\".....Spaf
Everytime I learn a new thing, I discover how ignorant I am.- ... Black Cluster