My worst nightmare as an IT Admin just came true tonight

The critical stuff is on a closed network, and since you have to have access to the building and have an account to get on the network, infections are largely going to be through insider threats.

Or vulnerable or unknown security holes that get you when you least expect it.

That sucks when you have to work the weekend. Will you get paid overtime for it?

Salaried pay says what?
 
Or vulnerable or unknown security holes that get you when you least expect it.
Someone would have to be at Solid Snake tier to get through multiple 2FA badged doors, and get on a network that requires a separate 2FA to be able to log in.

We practice RBAC pretty hard, so your basic user account is heavily restricted. We also have DLP running, so it immediately blocks external media devices, and flags the user/computer.

So if any form of malware got on there, it’s almost certain that it’s an admin, and intentional.
 
That's the reason why I would never work salary. You get paid the same amount of pay regardless of how many hours you work that week. A former boss of mine checked the laws (state and federal laws) and there isn't any law saying how many hours they can make you work in a week if you're salary. So the company can make you work as many as they want.

At my hubby's job, he gets overtime after 40 hours but he also gets overtime if he works more than 8 hours in a day. If he stays longer than his 8-hour shift, it's automatically time and a half even if he hasn't worked his 40 hours yet for the week. But he also goes from time and a half to double time if he makes it to 56 hours in the week. It doesn't happen very often that he makes it past 56 hours but it does happen once in a while.
 
That's the reason why I would never work salary. You get paid the same amount of pay regardless of how many hours you work that week. A former boss of mine checked the laws (state and federal laws) and there isn't any law saying how many hours they can make you work in a week if you're salary. So the company can make you work as many as they want.

At my hubby's job, he gets overtime after 40 hours but he also gets overtime if he works more than 8 hours in a day. If he stays longer than his 8-hour shift, it's automatically time and a half even if he hasn't worked his 40 hours yet for the week. But he also goes from time and a half to double time if he makes it to 56 hours in the week. It doesn't happen very often that he makes it past 56 hours but it does happen once in a while.
It sucks when it does happen, and seems more “fair” at face value; being salaried can work in your favor by being paid the same despite working fewer hours.
 
Someone would have to be at Solid Snake tier to get through multiple 2FA badged doors, and get on a network that requires a separate 2FA to be able to log in.

We practice RBAC pretty hard, so your basic user account is heavily restricted. We also have DLP running, so it immediately blocks external media devices, and flags the user/computer.

So if any form of malware got on there, it’s almost certain that it’s an admin, and intentional.

RBAC and DLP?

That's the reason why I would never work salary. You get paid the same amount of pay regardless of how many hours you work that week. A former boss of mine checked the laws (state and federal laws) and there isn't any law saying how many hours they can make you work in a week if you're salary. So the company can make you work as many as they want.

At my hubby's job, he gets overtime after 40 hours but he also gets overtime if he works more than 8 hours in a day. If he stays longer than his 8-hour shift, it's automatically time and a half even if he hasn't worked his 40 hours yet for the week. But he also goes from time and a half to double time if he makes it to 56 hours in the week. It doesn't happen very often that he makes it past 56 hours but it does happen once in a while.

It sucks when it sucks, but when I can sneak out early on Friday and still get the same pay it is great.
 
RBAC and DLP?

RBAC is basically a more in-depth concept of least privilege. So for the admins you can break it down by tier 1, 2, or 3, and only give specific rights for each role; that way nobody has god rights on your systems. So for example, tier 3 can have server admin rights to things like your domain controller, but be missing rights on workstations like tier 1 admins would have.

There are various ways of controlling DLP based on the types of information/data you work with, and you can control it at various states. The one we have can quarantine users when they plug in a flash drive or external drive by locking out their PC and flagging it in the system, so we know who and where it happened.
 