Security Basics mailing list archives
RE: Need Help
From: "LEHMANN, TODD" <TODLEH () SAFECO com>
Date: Thu, 19 Dec 2002 09:45:54 -0800
If you fail to sell mgmt on additional personnel, you may want to use an idea I saw in another string on this list. Create a document that properly reflects the gravity of the situation, and states what steps you took to relay the information to mgmt, then include a signature line that states that they have read the information presented by yourself, then make someone that is high-level sign it. Someone that is director level or above. That way if there is a major security breach or the help desk starts failing horribly, you can present that document and no one can say you didn't try. It will also redirect any disciplinary action towards the people who signed the document, not you. After all, they would not let you perform your duties properly and you have proof. If you do get targeted and are disciplined are terminated, you then have a legal means of fighting your termination or suing. Todd Lehmann The views stated, reflected, insinuated, innuendoed, implied, explied, or double-plied in this email are those of the sender only, and do not reflect the views of Safeco Insurance or any of its employees -----Original Message----- From: Gene [mailto:gyoo () attbi com] Sent: Monday, December 16, 2002 10:36 AM To: Chris Berry Cc: security-basics () securityfocus com Subject: Re: Need Help This is what we use to calculate the staff ratio. I don't know where my boss got this, but prior to my current employer, we were supporting 1:410 regional support center, and DC supporting over 118 location West of Rocky Mtns. Currently about 1:110 two DC, three remote. Here is a formula to calculate staff ratio: * EIC = (161wUG+111wPGT+32wPGR+220wRES)/(970wgen+64w equip) * 0 <= EIC <= 1 * ES = (105wUG+12wPGT+2wPGR+22wRES)/ (177wgen+10wequip) * 0 <= ES <= 1 * wUG,wPGT,wPGR,wRES, wgen,wequip >= 0 go figure! Chris Berry wrote:
From: tombombadillon () Argentina com I am in the security area and ?administer? 1200 users in mainframe with VM/ESA, VSE/ESA, CICS, AS/400, LAN of 500 PC?s and a Wan of 600, (mix of Window$ platforms). Now we are connecting the enterprise to internet and we go to add f4 firewalls, 2 proxy, 2 IDS, 9 Linux, etc (with the risk this involve) and I am alone with other guy (but it?s technical knowledge is lower, hi manage the papers). What are some good arguments I can use to request for additional personal? Management don?t understand importance of security. What can I do? This is a nightmare.All I can say is wow, you are seriously overloaded, you're definitely going to need either a guy to run the help desk so that you can concentrate on the security end, or a security guy so you can take care of the other stuff. Since help desk guys are cheaper, your best bet is to ask for one of those. As an argument, poing out that if you two try to do it by yourselves, they're going to have to pay copious overtime hours at time and a half, and it would be much cheaper to get you some help at lower wage rate. As a side note, I can't imagine trying to handle more than a few hundred users on my own (as the everything guy, not just tech support) but I work at a small company, what is everyone else's workload like? Chris Berry compjma () hotmail com Systems Administrator JM Associates "Live dangerously, overclock your servers." _________________________________________________________________ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
-- Gene Yoo, gyoo () attbi com
Current thread:
- Need Help tombombadillon (Dec 11)
- RE: Need Help Jason Burzenski (Dec 16)
- <Possible follow-ups>
- Re: Need Help Chris Berry (Dec 13)
- Re: Need Help Gene (Dec 17)
- RE: Need Help LEHMANN, TODD (Dec 20)