Re: RE: present day admin skills

[George Capehart <capegeo () opengroup org>]

On Thu, Jan 10, 2002 at 08:52:15AM -0500, R. DuFresne wrote:
> For those that have contacted me off-list, in private, well, Bcc: is a
> wonderful thing, and it's been used here for that purpose, to retain
> anonymity of you people.
>
> I've been stating these issues about poorly skilled folks ending up in
> jobs requiring some level of competence for a few years, and replies like
> this have been common in the past (I'm surprised only one has filtered
> out of the present discussion this time). But, I have to say honestly,
> while I can relate and understand this, to a degree, I have to say quite
> plainly, and do not mean to sound too harsh, though it will come off as
> harsh and biting;  I have little sympathy for these situations folks talk
> themselves into being hired for.  It boils down to a point of passing the
> buck and not taking responsibility.  Specifics inline:
<snip rest of message>

I've been biting my figurative tongue for the duration of this thread and
I can't stand it any longer.  Gotta get this out.  I promise I'll try to
keep this from turning into a rant.

What we have here is a failure of management.  What I mean is this:  If
the managers of the sysadmins that are described in this thread a) had
a clue about what skills their people needed to have and b) provided
leadership and actually developed the skills of their people, this problem
wouldn't exist.  If managers know what skills the people in their department
need, they should hire the people with those skills.  If people with those
skills are not available, then they should get training for the people
they have or hire those people whose skill sets come closest to those
required and then get training for them to fill in the gaps.  The manager
who hires unskilled people should be fired.  The manager who doesn't see
to it that his/her people get the training they need to keep up with the
requirements on their job as it evolves should be fired.  The manager
who doesn't mentor his/her people should be fired.  Problem is, that
manager is only going to be held accountable for the shape of his/her
staff if *his/her* manager has a clue about what is going on.  And so on
all the way up the chain.  I've seen this to one degree or another in
every organization in which I have worked, and since I'm a consultant,
I've been in a few . . .  Seems that it's not as bad in smaller companies
as it is in larger ones . . . iff the right leadership is in place at
the top.  Larger companies are doomed.  Too many layers of people with
whom the Peter Principle caught up.

On the surface, this might not seem to have much to do with security,
but it does.  "People" is one of the Defense-in-Depth triad.  Bottom line
is that lack of security is as much a problem with management as anything
else . . . IMHO.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards