System Server Administrators


Server security is vital to a corporation. Servers hold great amounts of data and vital information for an organization.  If a server is compromised by a system server administrator, all the data and contents may become lost, stolen or manipulated.


Systems administrators are the employees responsible for making computers work. They keep computers running without interruption to meet the business’s needs. Systems administrators are also charged with taking care of the company’s vital data and information. They normally have the passwords to get into any part of the company. It is important to monitor system administrators’ work on servers to ensure that configurations are not changed, compliance is always in place, and fraud is prevented.


Administrator accounts should only be used when they are required for certain tasks. These tasks include modifying user accounts on the computer system or network, installing software and changing network settings. The administrator has all possible rights, and this can cause security risks.


Security Measures


Separation of duties is one very important security method to manage risk. Division of duties restricts the amount of power held by any one administrator. Equally important is the protection of the physical system console. The system needs to be installed in locations where only authorized personnel are allowed.


System administrators should be very cautious about root or Administrator passwords. The passwords should not be given out indiscriminately, and must be changed often. Use lengthy passwords and make sure more than one administrator has the password. Never store a password as plain text or write it down. Always use encryption utilities.


Develop a policy of risk management and define critical information. Conduct an information security risk evaluation that identifies critical information assets and the people who have the greatest access to these assets. Ensure that there are regular reviews and monitoring of system server administrators. See information security practices.


Fraud Examples


System server administrators can cause great harm to a company. For example, a former system administrator for financial firm UBS is on trial for allegedly infecting the company’s network with malicious code. This code cost the company millions of dollars.


Roger Duronio created the code in late 2001, quit his job, and banked thousands in “put” options against UBS. His malicious code caused disruption at more than 12,000 servers and 17,000 individual workstations.


Recently a system administrator was asked to save money by cutting some of the security measures that were recommended. The system was hacked and data was lost. Unfortunately, there was no way the auditor could determine which system administrator had left out the security data. The server administrator permissions were divided among three administrators. All administrators were eventually fired, but the company still suffered millions of dollars in lost data and proprietary information.


Again, separation of duties, or having more than one person complete a task, is a way of monitoring system administrators with high accessibility. This separation by sharing tasks is an internal control method to prevent fraud and error. This concept, as addressed in technical systems and IT, is defined as redundancy or double checking.


Ekran System is a comprehensive monitoring solution that gives you deep insight into system administrators’ activities that put your enterprise at risk. Indications of potential malicious activity can be easily detected via the customizable alert system and scheduled reports. Learn more about security monitoring with Ekran System.