So what is a system administrator? There are a lot of names that actually kind of fall under a system administrator. Sort of a broad heading tech support database, admin network, admin, security. I'd been basically a systems administrator. Is a person
who determines the technical needs of the organization they install, maintain, upgrade repair. That's along with hardware and software. They evaluate an optimized for performance, security and survivability. They create manage and trained users following enforce policies and regulations. And they do they solve problems involved with all of those things. So all of these that I listed here
all do some facet of that. They all do kind of a twist on that. So database admin is really focused on
doing that with respect to databases, be they already a mess What? Whatever kind of database they're using, that's their responsibility. Network at Mons do that over the whole network and security focus on security. But although we're gonna be doing these six essential tasks in some capacity,
So we're gonna dig into these little bit more. So the technical needs. What does it mean to determine the technical needs organization? The things you have to understand. And it's something that I try and drive home to people who are involved in I t people who are just getting involved in I t. U
almost universally that you watching this video? No, Maura, about tech than most people.
It's something that it's hard to really explain to people who are interested in technology because most of the people watching this video, most people in this field started using computers, started messing with computers in a technical or um, or technical way before they ever took a class before they ever, you know, trying to get a job in the field. There's just a certain you know,
people in I t tend to like computers more
personally. I have run into a lot of people who have worked with computers their entire career who did not know, for example, that Microsoft Word is not an Internet site.
They thought that they had to open up Internet Explorer and go to Microsoft Word. Now these people have used Microsoft Word every day for 15 years, 20 years, whatever.
But it's just because this isn't something that's a fundamental part of a lot of people's lives. They don't understand. It
s so it's essential for you as the i d professional as the sys admin to identify the potential technical solutions to the problems there. Aton of issues in accounting or in human resource is Aaron marketing and sales that can be solved with a simple Excel spreadsheet or could be solved with
very simple database. Be implemented that people just don't have that background knowledge,
understand her? Implement. So one of your responsibilities as Assist admits to find those needs and to seek out those opportunities to improve your organization with a technical solution.
Now, I I just wanna briefly interject there and just mention that I can attest to Joe's love for itself spreadsheets. So in case you he's the expert on those when Google Sheets put in the check box option, which, by the way, if you didn't know they had that they have a check box option. When they put that in there. I ran around the office. I was so excited. This is this is the excitement of working with me.
Yes. So it is still maintain, upgrade and repair four very important kind of key words for being assist at. So we talked about. You have to identify these solutions that their problems people may not know exist and their solutions. They definitely don't know that this. So after you identify those solutions, you have to implement from the whole process of
bringing that tool in from doing an assessment from determined cost
market research. Whatever you have to do for it, bring that to will. Bring that solution in. Install it, then because you're the person who installed it, you generally you're gonna own it. You're gonna have to be in charge of maintaining and upgrading it. You're gonna have to keep it running at normal procedures. Because as soon as you introduce this solution that they did not know existed yesterday, they had no idea that the solution was a thing. Today
it's now essential. And if it goes down, you screwed up and you're now in trouble,
which isn't really. It could be a depressing thing to hear, but it's very true that once you introduce these solutions, a big part of your job is gonna become maintaining and upgrading them and keeping them in good working order. And then, of course, obviously, if something goes wrong with it your job is triage and repair.
So performance security survivability, the three things that you always want to enforce on and kind of down here in the slide. I also talk about the CIA and A or Sana, so it used to be the CIA. Try at confidentiality, integrity, availability. However, over the past several years, authentication on repudiation become a central components of that as well.
So when we talk about you know the performance or we talk about the security of a system,
those five categories are essential to being successful. It's excitement you need to ensure that confidential data does not get leaked. Every essentially every data breach is a violation of confidentiality. That's why it's a big deal. You need to ensure that your data integrity is still there. You need to be sure that whatever data you have isn't being modified or ruined by you
malicious actors, which is actually something that we're seeing from a security perspective,
something we're actually seeing a lot more of in the last six months or so to a year of Attackers entering database and breaching security. Not to steal information, but to modify it, which poses a whole new slew of potential danger. So as a system in one of your jobs is maintaining that integrity, authentication is obvious again.
If no, if they're not supposed to be somewhere, don't let them be there.
Non repudiation is one that I don't think is many people really understand. Non repudiation is a fascinating concept of you cannot deny that you were the person doing X thing.
Which is to say, for example, if somebody in the company you know commits insider theft, right, they steal a bunch of data, they steal a bunch of money from the company and they do it on a shared user account, which is a horrible know know that a lot of companies still do. They have a single user account that a bunch of people are sharing.
proper way. There's rarely a proper way to prove who did that. Which one you're talking about. Trying to pursue this in court or trying pursuit on any kind of legal action becomes incredibly challenging and often prohibitively difficult because of the fact that are able to repudiate the claim that they were the one doing it. So part of authentication sort of is the other side of authentication
is, if someone is active on the network, you need to always be able to verify it. Is this person confidently?
And then, of course, availability is very simple. If you don't have your network up, people can't use it. Job doesn't get done. Company loses money. You lose job. Easy day above that. I did talk about backups in terms of survivability. Back up everything all the time. Daily differential backups are always a good way to go with a weekly full backup. If you're not, you know, not every day. Are you pulling the whole network down for backups?
You're constantly making sure that everything's safe.
I am an old say with non repudiation Joe. Do you have an example like from your work experience it all like, obviously, we don't want you saying anything but having any examples that you've experienced where you had difficulty
doing ATTRIBUTION on A particular Yeah, actually, So I was working with I won't name the company. I was working with a company and I was hoping to do a security audit
of a bunch of their systems, and as we were going through, we noticed that
the calendar. The, uh what's the word for the work hours? Someone's reported work hours seemed really off. They were coming into work like three in the morning. They were leaving in, like, five in the morning. They were coming back at seven for their normal work day. And we were finding just over and over again. They were logging onto the system, really were times,
but they were in their time management system. And so it seemed like the person was actually there.
Eso we're going through we're trying to figure out, you know, is this person stealing something? Are they sleep walking to the office in the mornings? You know what's happening and eventually what we actually found out Was that a threat? Actor Excuse the notifications. I thought it turned all those off. Ah, Threat Actor had actually gained access to their system.
And on that same network, their time management system was being implemented.
So in order to get around one of the things we look for as sys admin Zohra security professionals is for people who are logged onto the network who aren't in the building
on. So in order to get around that they were actually clocking this person in giving them free work hours and then accessing their their account on the network.
So that was a great case of because of the fact that we were able to identify, you know,
when things were happy, we had multiple sources of data. We were able to provide, repudiation and say, even though all of these data points suggests that it was this person were able to identify and say No, it's actually not.
That's actually a friendly criminal hacker there, Joe. Yeah, it's really not giving you if you're going to steal my data me in for yes, exactly.