Systems Administrators: Architects of the Apocalypse

Our network went down today. Consequently, I didn’t get much done until about lunchtime. It was a router misconfiguration, apparently. But the paralysis I suffered (in common with all my colleagues) got me thinking.

Just about every significant business operation in the developed world now has an IT infrastructure of some kind. This in turn means that there is also a person (or several persons) who holds the administrative privileges to that infrastructure. That person pretty much has the successful operation of the business in the palm of their hand. Often literally.

Yet sysadmins are typically poorly paid and relatively junior. In smaller companies the role is often given to people as an extension of their normal job description, which might be working in accounts, office services or such like. Yet management seems not to be aware, or perhaps simply accepts, that these people could cause havoc far out of proportion to their seniority if they wanted to. Sack a sysadmin, and your main file server could mysteriously appear blank one day, as could all the backups, perhaps months or even years after they’ve left. It would be a simple matter to email the contents of the business development folder every Sunday to a list of rivals and the management would never know. Pitch proposals could end up on websites; employee salary details emailed to other employees… The list of possible shenanigans is endless. With sufficient planning, none of these things would require the culprit to be in the building, or even logged into the network at the time.

I suppose the fact that this hasn’t really happened much in the past is some sort of comfort, but I’m glad I’m not asked to interview prospective sysadmins. Personally, I’d feel I’d need to give them a lot more than a cursory look at their MCSE certifications.