1. Home
  2. Lainnya

Computing Policies UNIX System and Network Administration

Experience with hardware: installing and maintaining the network cabling in use at the site, installing boards and memory into systems; setting up and installing SCSI devices; installingconfiguring peripherals for example, disks, modems, printers, or data acquisition devices; and making board−level and component−level diagnosis and repairing computer systems • Budget responsibility, experience with writing personnel reviews and ranking processes; and experience in interviewinghiring • Do not be afraid of this long list of additional requirements. Nobody expects UNIX systems and network administrators to be Supermen. UNIX administration is a normal job that is demanding but definitely doable. To end this discussion, here is a joke about UNIX administrators. Consider the similarities between Santa Claus and UNIX administrators: Santa is bearded, corpulent, and dresses funny. • When you ask Santa for something, the odds of receiving what you wanted are infinitesimal. • Santa seldom answers your mail. • When you ask Santa where he gets all the stuff he has, he says, Elves make it for me. • Santa does not care about your deadlines. • Your parents ascribed supernatural powers to Santa, but did all the work themselves. • Nobody knows who Santa has to answer to for his actions. • Santa laughs entirely too much. • Santa thinks nothing of breaking into your HOME. • Only a lunatic says bad things about Santa in his presence. •

1.4.2 Computing Policies

A successful system administration requires a well−defined framework. This framework is described by the corresponding computing policies within the organization where the administration is provided. There are no general computing policies; they are always site specific. Drafting computing policies, however, is often a difficult task, fraught with legal, political, and ethical questions and possibly consequences. There are a number of related issues: why a site needs computing policies; what a policy document should contain, who should draft it, and to whom it should apply. There is no a unique list of all possible rules. Each computing site is different and needs its own set of policies to suit specific needs. The goal of this section is to point out the main computing policies that directly influence the system administration. This is not possible without addressing security and overall business policies as they relate to computing facilities and their use. Good computing policies include comprehensive coverage of computer security. However, the full scope of security, overall business, and other policies goes well beyond computer use and sometimes may be better addressed in separate documents. For example, a comprehensive security document should address employee identification systems, guards, building structure, and other such topics that have no association with computing. Computing security is a subset of overall security as well as a subset of overall computing policy. If there are separate policy documents, they should refer to each other as appropriate and should not contain excessive redundancy. Redundancy leaves room for later inconsistencies and increases the work of document maintenance. The system administrator policy usually is not completely separated from the user policy. In practice 19 System administration is a technical job. System administrators are supposed to accomplish certain tasks, to implement technical skills to enforce certain decisions based on certain rules. In other words, the system administrator should follow a specific administrative procedure to accomplish the needed task. A system administrator is not supposed to make nontechnical decisions, nor dictate the underlying rules. It is important to have feasible procedures, and in that sense, the administrators opinion could be significant. But the underlying rules must be primarily based on existing business−driven computing policies. At the end of the day, we reach the point of asking: Will a SYSADMIN really have strictly defined procedures in the daily work that will make the administration job easier; especially, would these procedures be in written form? The most probable answer regarding procedures will be negative. There are usually multiple ways to accomplish a certain administrative task because system configurations are changing just think about different UNIX flavors, or new releases, or network changes. However this is not the case with computing policies; they are usually general enough to last a longer time. We already mentioned that the computing policies are business related. They are different in academia than in industry; they are different in the financial industry than in the retail industry, or in the Internet business. They are, at least for a moment, always internal and stay in the boundaries of a college, university, or company. So they can differ by moving from one place to another. Still there are many common elements and we will try to address them. Security policy — Definitely the most important policy, a good security policy is the best guarantee for uninterrupted business. Clear guidance in that direction is extremely important. Requests for Comments RFCs that present standards for new technologies also addressed this important issue. The RFC−2196 named Site Security Handbook, a 75−page document written in 1997 by IETF Internet Engineering Task Force, suggests the need for internal security documents as guidelines for: Purchasing of hardware and software • Privacy protection • Access to the systems • Accountability and responsibility of all participants • Authentication rules • Availability of systems • Maintenance strategy internal vs. outsourcing • Policy toward users — Users are main players in the ongoing business, but they must obey certain rules, and they do not have to have unrestricted access to all available resources. It is 20 Who is an eligible user • Password policy and its enforcement • Mutual relationship among users • Copyright and license implementation • Downloading of software from Internet • Misusing e−mail • Disrupting services • Other illegal activities • Policy toward privileged users — The primary audience for this policy is SYSADMIN and other privileged users. These users have unrestricted access to all system resources and practically unlimited power over the systems. The policy addresses: Password policy and its enforcement • Protection of user privacy • License implementation • Copyright implementation • Loyalty and obedience • Telecommuting • Monitoring of system activities • Highest security precaution and checkup • Business−time and off−business−time work • Emergency and disaster policies — Good policies mean prevention and faster recoveries from disaster situations. They are essential to maintain system availability and justify spending an appropriate amount of time to protect against future disastrous scenarios. Data are priceless, and their loss could be fatal for overall business. Emergency and disaster policies include: Monitoring strategies • Work in shifts • Tools • Planning • Distribution of information pager, beepers, phones • Personnel • Backup and recovery policy — This is a must for each system — in the middle of disastrous situations, there is no bargaining regarding the need for backup. However, the level and frequency of implemented backup vary and are business related. Generally the policy should address the following issues: Backup procedures • Backup planning • Backup organization • Storage of backup tapes • Retention periods • Archiving • Tools • Recovery procedures • Development policy — This policy should address the need for permanent development and 21 Development team • Planning • Support • Testing • Staging • Cutting new releases • Fallback • System administration will be easier if more computing policies are covered and elaborated internally and if more of the corresponding procedures are specified. It sounds strange, but less freedom in doing something usually makes the job easier. Unfortunately or maybe fortunately this is mostly the case only for large communities with strong IT departments that have been running for years. The majority of medium−size and small companies do not have, or have only rudimentary, specified procedure. The system administrator often does have freedom in enforcing listed policies. This freedom in action increases the administrators responsibility, but also enhances the creativity in the work that is why we used the word fortunately earlier.

1.4.3 Administration Guidelines

Dokumen yang terkait

AN ALIS IS YU RID IS PUT USAN BE B AS DAL AM P E RKAR A TIND AK P IDA NA P E NY E RTA AN M E L AK U K A N P R AK T IK K E DO K T E RA N YA NG M E N G A K IB ATK AN M ATINYA P AS IE N ( PUT USA N N O MOR: 9 0/PID.B /2011/ PN.MD O)

0 82 16

HASIL PENELITIAN KETERKAITAN ASUPAN KALORI DENGAN PENURUNAN STATUS GIZI PADA PASIEN RAWAT INAP DI BANGSAL PENYAKIT DALAM RSU DR SAIFUL ANWAR MALANG PERIODE NOVEMBER 2010

7 171 21

PEMAKNAAN MAHASISWA PENGGUNA AKUN TWITTER TENTANG CYBERBULLY (Studi Resepsi Pada Mahasiswa jurusan Ilmu Komunikasi Universitas Muhammadiyah Malang angkatan 2010 Atas Kasus Pernyataan Pengacara Farhat Abbas Tentang Pemerintahan Jokowi - Ahok)

2 85 24

KEABSAHAN PERMOHONAN POLIGAMI KARENA ISTRI TIDAK MAU BERTEMPAT TINGGAL BERSAMA DENGAN SUAMI (Studi Putusan Nomor :36 / Pdt.G / 2010 / PA. Bdg)

1 29 17

Prevalensi Penderita Herpes Simpleks di RSUD Tangerang Periode 1 Januari 2010 – 31 Desember 2011. Tahun 2012.

1 38 47

Penjasorkes Kelas 2 Abdul Rahman Asep Zainal Rizal 2010

2 36 148

Mari Belajar Seni Rupa Kelas 7 Tri Edy Margono dan Abdul Aziz 2010

17 329 204

Isi perpres no 54 tahun 2010

0 16 139

PP 23 TAHUN 2010 TENTANG KEGIATAN USAHA

2 51 76

BAHASA PADA SURAT DINAS BALAI PENYULUHAN PERTANIAN KECAMATAN SRAGI KABUPATEN LAMPUNG SELATAN TAHUN 2010 DAN IMPLIKASINYA DALAM PEMBELAJARAN BAHASA INDONESIA DI SMA

7 85 1