Feeds

Save us from our users

Doomsday Weekend 3: sometimes a god complex isn't a bad idea

  • alert
  • submit to reddit

Intelligent flash storage arrays

Sysadmin blog Many sysadmins among us certainly have a god complex. The truth is, no matter how well-prepared for a large project we try to be, we can't control our users.

I took great pride before Doomsday Weekend in typing detailed emails about the changes that users should expect to see. The documents were necessary. They helped users through the transition and were an excellent point of reference for the post-project support calls. 
But nothing can compel users to read the emails they are sent.

Those users who did had a much easier time of it. Those who didn’t were quite upset on Monday morning to discover that everything had changed. In retrospect, I should have anticipated it.

One of those angry users had the solution to this problem: in addition to the emails, I should have printed a copy so that the information they required was on hand when they walked in. Not possible in all scenarios, but it would have saved a lot of grief in this one.

Another accidental experiment involved passwords. So our users could log into their VMs Monday morning, and so IT could set up user specific elements for the new users on our network, all non-administrative users were set to the same default password. We didn’t create a complicated list of users with different pre-set passwords; we simply set everyone’s password to the same thing.

Our intentions were good; we were going to have done all the configuration and user migration before Monday, and set users to change password at first logon. We didn’t make it. We still had tweaks to do to user environments two days after the deadline had passed. After we had finally reached the end of our customisations, we told users they were free to change their passwords. We decided that we would not force this on users at next logon, because after a rough week of big changes it would be bad PR for IT. So we sent another email detailing exactly how users could change passwords, why doing so was a good idea, and asking them nicely to comply for the sake of our sanity.

As I should have anticipated, the email was left largely unread by the users.

Many of those who did read it didn’t comply. So we discovered that a truly shocking number of users, even when made aware of the risks, won’t change their passwords from the default unless we force them to do it.

Users prefer convenience over security. Perhaps the greatest clashes between IT departments and their users are over this topic. Both sides can become entrenched: users demand absolute convenience, or else they will consciously work to subvert security measures. Hardline admins demand that users pay heed to security, or they will punish them with even more exacting security measures.

The solution is probably somewhere in the middle. Users pay attention to basic security measures, such as not sharing their passwords or leaving them taped underneath the keyboard, and admins put more thought into making security simple. After this misadventure, however, my opinions are beginning to shift towards a hardline sysadmin view.

We called each user to make them change their passwords. We stayed on the phone as they changed their passwords, and listened to the same diatribe about how changing passwords every six months was too much to bear. I find their apathy towards security breathtaking. Next time I won't care about bad PR for IT. I’ll just tick the “reset password" box and be done with it. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Cray-cray Met Office spaffs £97m on VERY AVERAGE HPC box
Only 250th most powerful in the world? Bring back Michael Fish
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
The DRUGSTORES DON'T WORK, CVS makes IT WORSE ... for Apple Pay
Goog Wallet apparently also spurned in NFC lockdown
Microsoft brings the CLOUD that GOES ON FOREVER
Sky's the limit with unrestricted space in the cloud
'ANYTHING BUT STABLE' Netflix suffers BIG Europe-wide outage
Friday night LIVE? Nope. The only thing streaming are tears down my face
Google roolz! Nest buys Revolv, KILLS new sales of home hub
Take my temperature, I'm feeling a little bit dizzy
Cisco and friends chase WiFi's searing speeds with new cable standard
Cat 5e and Cat 6 are bottlenecks for WLAN access points
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Getting ahead of the compliance curve
Learn about new services that make it easy to discover and manage certificates across the enterprise and how to get ahead of the compliance curve.