RE: Sysadmins and Security PatchesFrom: Williams, Larry (Larry.Williams@fiserv.com)
- Previous message: Joe McCray: "Penetrating a reverse proxy"
- Maybe in reply to: Stephen Zeigler: "Sysadmins and Security Patches"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 21 May 2002 10:10:14 -0500 From: "Williams, Larry" <Larry.Williams@fiserv.com> To: "email@example.com" <firstname.lastname@example.org>
Our security administrator position does not install any software or make any system changes. In this regard, the SecAdmin is the auditor/inspector and ensures that the all systems meet shop standards for security, and a member of the Change Control Committee that reviews newly available patches and upgrades. It is up to the SysAdmin to maintain his or her servers and ancillary systems and apply approved patches and upgrades when they're made available.
From: Stephen Zeigler
Sent: Friday, May 17, 2002 15:02
Subject: Sysadmins and Security Patches
I would like to get a feel for how other shops handle this issue. I am a
security admin responsible for keeping about 140 servers, Unix and NT, up to
date with security patches and hotfixes. This isn't my only responsibility
and I'd like to get the sys admins more involved in keeping their servers
patched. I love my job - but more stuff keeps landing on my plate. How is
this best handled? Is it reasonable to expect sysadmins to install security