Re: Sysadmins and Security Patches

Date: 05/18/02

Date: Fri, 17 May 2002 18:32:34 -0400

>Hi all,


>I would like to get a feel for how other shops handle this issue. I am a
>security admin responsible for keeping about 140 servers, Unix and NT, up
>to date with security patches and hotfixes. This isn't my only responsibility
>and I'd like to get the sys admins more involved in keeping their servers

Patching their systems is part of their job. Period.

>I love my job - but more stuff keeps landing on my plate.

And the plate never seems to get bigger, just piled higher.

>How is
>this best handled? Is it reasonable to expect sysadmins to install
>patches? Thx

It is not just reasonable to expect this of them, it is imperative to do
so. Your responsibility as a security admin is the assurance that the
individual sysadmins are diligent in their duties as it relates to InfoSec.
Part of their duty is to maintain the operational integrity of the
environment they administrate. System patches, whether they be security
patches or otherwise, are the responsibility of your admins.

Part of your job might be the coordination of remediation efforts, not the
actual remediation steps. Not knowing the specifics of your organizational
structure and what your responsibilities are as a security admin, I can't
get much more specific than that. Every organization has a different
engagement method for InfoSec.




He who fights with monsters might take care lest he thereby become a
monster. And if you gaze for long into an abyss, the abyss gazes also into
-Friedrich Nietzsche, Jenseits von Gut und Bose (1886)