Speak truth. In a room so loud your ears are ringing, that's what would keep you leaning forward and straining to hear a whispered word.”
~Inspired by Cody

“Where do I even start?!” – a security primer

Google+ Pinterest LinkedIn Tumblr +

(Image from huffingtonpost.com) 

I have worked security for over thirty years.  It’s not that this has shaped the way I think; I’ve always thought the way I do so IT security was a career I naturally filled.   This makes me good at my job but horrible at dealing with the general public because most people don’t think like I do.  As such, most people don’t think in a way that’s conducive to good computer security, making just about everything on this site unnatural for a major percentage of people.

Don’t worry, that’s why people like me exist, so that you don’t have to bend your brain around a subject that’s otherwise foreign.  By that same token this is why I have a CPA, or my taxes would be a hot mess..!.  Different people are good at different things.

In the end, there’s your answer: what do you do about IT security?  Get someone else to do it.  Here’s the trick:

  • Get a tech who specializes in a given thing (smartphones, laptops, “cloud”, websites, etc) 
  • Then get another one. This is what keeps people from taking advantage of you.

 

This sounds harder and more expensive than it is: you can have a primary tech you work with the most, but once every couple months run it by someone else.  Introduce these two to each other and tell them they’ll be working together, one more often than the other.  Show the second person your invoices for work done in the last few months and have them cross check.   If they have recommendations (or don’t like the other person), ask them (both!) who they’d recommend and then either replace one, the other or both over time.   Overall the cost will be about 20% more and you’ll always have someone you can lean on with a fantastic result.

Absolutely nobody should only have one systems administrator for a site, service or office.  They’re allowed to go on PTO during your busy hours or have a rough week and not return your call within what you think is a reasonable period of time – you need to be able to consult with someone else if your primary isn’t available.  Also, multiple people will ensure you’re not being taken for a ride, preventing one from slipping back doors or malware into your environment (“Wanna fire me, ‘eh?  Well, get a load of this data-eating virus…” – it happens).

Some last words:

  • Always be open with the two that you have someone else and what that person said, but don’t try to translate for one to the other – get them both on the same line.
  • It’s important that you stay in the same room / on the same phone call.  You’re looking for the person who’s calm, professional and treats you like the customer you are.  You may not get the technobabble but you can usually tell when someone’s BS’ing while talking to another technician.
  • The cost of having two people isn’t as big as one would think because usually the primary does the hard work and the secondary validates it, taking a fraction of the time. 
  • If there’s a dispute that needs to be hashed out, the two technicians need to discuss it.  If one person blows up on the call, gets defensive, calls the secondary an idiot (etc) then tell them both that you’re going to end the call and send an email with your decision.  Allow yourself to make an emotional decision, keep the person who you work with best and who you thought talked the most sense.  Thank the other person for their time, pay them for it, walk away and go find a new one.
  • After years, you’ll get a really good idea whether your primary or secondary is a rock star and you can let the other person taper off… but check in at least once per year to make sure your rock star doesn’t start getting lazy.



Select an article below to continue:

Share.

Leave A Reply

Secured By miniOrange