From experience it’s: 1) get a list of systems you’ll need to access and pester IAM until you have access to them. 2) install all the little pieces of software you’ll need 3) get a list of bookmarks for consoles 4) clone the repo’s and configure your IDE’s for running and developing existing/new scripts 5) develop good relationships
a few more: 6. Find the coveted "Hidden" bathroom in an abandoned part of the building 7. Best watering hole in the area 8. Find out what is most important to your managers boss
"Audit your organization's backups"... The first question I asked at the end of my interview was regarding backups. That's when I found out that their "backup solution" was a weekly incremental snapshot of all VMs on the same storage server. Fortunately I managed to suppress the scream, got hired, and immediately deployed and tested a functional backup on existing hardware.
Yeah, my top 5 would be: 1. Check the backups 2. After you realize they are a mess and not well documented or tiered, fix that and verify the most important ones first with audit like restores. 3. Make sure there are air-gap offsite backups preferably to tape and document this where every boss above knows where it is for all time. 4. Get a thorough inventory and use software to be sure you aren’t missing something that is hidden somewhere in a weird closet. The Wells Fargo hack happened due to bad inventory mgmt (they didn’t have the server managed in their inventory and it wasn’t getting patched) 5. Make sure all the inventoried machines are being patched and checked for vulnerabilities and send a report to the bossman
Each environment is going to be different; it depends upon the business and whatever external guidance that is mandated, or followed. For example, we have an established "maintenance" window, and we also have established well-documented change control procedures. As such, there's an expectation as to what can be done to handle break fixes, security patching for vulnerabilities, routine patching, software upgrades, etc; always good to find out what you are and are not allowed; if there is more than you on the system admin team, don't be afraid to ask questions; just try NOT to keep asking the same question. It's always a good idea to get approvals and such in written correspondence, even if it's via chat (Teams, for example ), or email, etc. With any change, you should know the risks, and take actions that are appropriate to reduce or remove such risks, like taking a snapshot, or getting another backup taken prior to changes, etc.
@@bobkoss280 Depends on the situation, but for a small/medium size business with a small IT staff keepassxc is a good option. At one of my clients there are 3 people in the it department, they had hundreds of passwords in text files previously, not great. Switched them over to keepassxc and now it's safer and much better organized, they also keep a printed copy (keepassxc has this feature) and digital backup are kept in a safe, which is refreshed every so often. Locally hosted bitwarden would be a better option once you pass a handful of people. There's also secret management built into various other software that you might find at the enterprise level, but I know less about that. For my own personal use I use a mix of keepassxc (for the bulk of less used secrets) and pass which I have integrated into dmenu for things I use all the time and want on quick hotkeys.
your hosting voice has gotten better with time, Jay. Now it's almost as good as your normal voice (like from the homelab show podcast, for example). Cool video. Keep up the good work!
1. Change root password to something that adhere's to company policy. One that's definitely not memorable. One that's definitely not written down. 2. Get on with your day. 3. Sleep in the next day. Damn, I only got to 3.
ROFLMAO !! The first thing that I did was.....Kicked everyone off that had Sudo access to the Linux servers, that thought they knew what to do on a Linux servers. Including managers.
From experience it’s: 1) get a list of systems you’ll need to access and pester IAM until you have access to them. 2) install all the little pieces of software you’ll need 3) get a list of bookmarks for consoles 4) clone the repo’s and configure your IDE’s for running and developing existing/new scripts 5) develop good relationships
Great tips!
a few more:
6. Find the coveted "Hidden" bathroom in an abandoned part of the building
7. Best watering hole in the area
8. Find out what is most important to your managers boss
Finding the best local pub should be higher up on the list. The real work happens after the pub.
"Audit your organization's backups"... The first question I asked at the end of my interview was regarding backups. That's when I found out that their "backup solution" was a weekly incremental snapshot of all VMs on the same storage server. Fortunately I managed to suppress the scream, got hired, and immediately deployed and tested a functional backup on existing hardware.
Yeah, my top 5 would be:
1. Check the backups
2. After you realize they are a mess and not well documented or tiered, fix that and verify the most important ones first with audit like restores.
3. Make sure there are air-gap offsite backups preferably to tape and document this where every boss above knows where it is for all time.
4. Get a thorough inventory and use software to be sure you aren’t missing something that is hidden somewhere in a weird closet. The Wells Fargo hack happened due to bad inventory mgmt (they didn’t have the server managed in their inventory and it wasn’t getting patched)
5. Make sure all the inventoried machines are being patched and checked for vulnerabilities and send a report to the bossman
LOL, your restraint and quick fix deployment are heroic!
An untested backup is called Schrödinger backup! (Not my idea, but I love it.)
Classic
Each environment is going to be different; it depends upon the business and whatever external guidance that is mandated, or followed. For example, we have an established "maintenance" window, and we also have established well-documented change control procedures. As such, there's an expectation as to what can be done to handle break fixes, security patching for vulnerabilities, routine patching, software upgrades, etc; always good to find out what you are and are not allowed; if there is more than you on the system admin team, don't be afraid to ask questions; just try NOT to keep asking the same question. It's always a good idea to get approvals and such in written correspondence, even if it's via chat (Teams, for example ), or email, etc. With any change, you should know the risks, and take actions that are appropriate to reduce or remove such risks, like taking a snapshot, or getting another backup taken prior to changes, etc.
And go talk to your co-workers, learn their names, and what position they hold. Build that professional network from day one.
Nice knowledge, because my next job is going to be a system administrator.
Learn the company's change management system. Read the Security Policy. Companies have failed due to employee malfeasance.
This type of content is very very good, Linux users are more likely to want to see this sort of thing.
Great tips. My first video for members for me!
good change of pace video, Jay. A lot of this is stuff that us long-tenured admins could get back to for improvement, too!
This is pretty good advice if you work in IT in general.
Number 1 should be : never stop to apply and never skip any new job interview regardless current position.
Really needed this! Hope to see more like it &/O greater depth! Keep it up Jay, Linux and Us thank you endlessly!
Thank you very much for the list !
I´m switching from Software-Development to System administration in a few weeks so this is highly appreciated !
Some others: Password management and Monitoring, if they don't have much setup for those
What do you use to manage passwords?
@bobkoss280 i use 1Password to protect my company data from A BAD ACTORS
@@bobkoss280 Depends on the situation, but for a small/medium size business with a small IT staff keepassxc is a good option. At one of my clients there are 3 people in the it department, they had hundreds of passwords in text files previously, not great. Switched them over to keepassxc and now it's safer and much better organized, they also keep a printed copy (keepassxc has this feature) and digital backup are kept in a safe, which is refreshed every so often.
Locally hosted bitwarden would be a better option once you pass a handful of people. There's also secret management built into various other software that you might find at the enterprise level, but I know less about that.
For my own personal use I use a mix of keepassxc (for the bulk of less used secrets) and pass which I have integrated into dmenu for things I use all the time and want on quick hotkeys.
Thanks a lot Sir, u just got a new subscriber today!
your hosting voice has gotten better with time, Jay. Now it's almost as good as your normal voice (like from the homelab show podcast, for example). Cool video. Keep up the good work!
thank for share this value lesson
Very good comrade...Than You...
Thanks, sir. Agree with you. :)
I like your first point best ! ... and your second point ... WOW !
Very important advice, Thank you so much
Number 5 should be number 1.
Good video!
Any tips for documentation? Such as a platform and/or format? I've been documenting via a wiki style site using markdown. Works ok
Same here.
I so much wish there was a simple wiki that uses Markdown, like a DokuWiki based on Markdown.
Notion
Notion
Nuclino
Useful!
Jay are you the composer of this video music?
1. Change root password to something that adhere's to company policy. One that's definitely not memorable. One that's definitely not written down.
2. Get on with your day.
3. Sleep in the next day.
Damn, I only got to 3.
You believe in helping the next person? That hard to find anymore.
I like this nerd. 🐐😜😎
ROFLMAO !! The first thing that I did was.....Kicked everyone off that had Sudo access to the Linux servers, that thought they knew what to do on a Linux servers. Including managers.
❤❤❤
Good video!