Classic Sysadmin / IT Misdesigns

If you are doing (or not doing) any of the following, you should reconsider your position as a SysAdmin / IT Director:

  • Adding public DNS servers to domain-joined systems
  • Not having any Windows Update restrictions on workstations and just leaving auto-update on.
  • Not doing updates on servers for YEARS.
  • Not using GPOs
  • Not using MDT, or any automated deployment.
  • Abusing email as a ghetto collaboration system, so that mailboxes burn 50 GB in a few months
  • Not using VMs.
  • Not using ticketing.
  • Using Excel files for password management.
  • Not using DNS and just hardcoding IP addresses everywhere.
  • Not knowing any security, and so often getting hit with ransomware because client machines, DCs and backups are all mixed together.
  • RDP-ing everywhere because they have never heard of RSAT.
  • Not documenting anything
  • Leaving default passwords on printers, cameras and specialized equipment.
  • Implementing flat networks without any segmentation because “VLANs are hard”.
  • Loose firewall rules, not auditing firewall rules, not providing detailed comments within firewall rules.
  • EVERYONE GETS LOCAL ADMIN
  • Not implementing monitoring or syslog servers.
  • Not using password management. Not setting up self-service password reset

Last modified: 2023/12/01 12:07