Where does the responsibility of testing OS patches, AV updates and other automatic type installs fall? Systems deemed critical to your primary business must have some level of internal testing and validation in place from automatic external vendor updates. Does that responsibility not lie with Delta's IT management policies, regardless of CrowdStrike's Sales suggestions?
The short answer is "yes. Much like a pilot's first job is 'fly the plane,' it's Delta IT's responsibility to run the infrastructure. Their house and their responsibility."
But the challenge here is the balance point on how to optimize that responsibility. Zero-days can go from dark web disclosure to one actor surreptitiously plugging a USB stick into a flight-information display kiosk that exfiltrates your ticket sale database in hours. To guard against that, Delta IT gave a vendor the ability to mass-distribute zero-day protection into all machines in drop-everything emergency mode. The fact they did so to dump an empty file that crashed every machine that read it is on them.
If a plane crashes because the propeller falls off, we blame the pilot for not keeping enough altitude to land safely in event of failure but we also absolutely blame the mechanic who's job it is to certify that propeller.
Something is afoot over there. I updated and then removed all comments, like, everything on my account, and then deleted the account a few days ago. And now its back with the previous comment I updated everything to intact. They did some form of rollback.
Wow. I used a tool the other day to delete everything as well. I'll check my comments now. Be great if everyone else here could do so as well and report back. If they did, indeed, do a rollback that is serious malfeasance.
Something similar happened to me during the great yahoo hack. My email stayed compromised even across password changes, so I deleted my account. So the person taking it over undid that then updated the recovery information. I was never able to regain control of that account that I'm certain spams my contact list to this day.
After that I stopped deleting accounts. I maintain a firm grip on every one, even ones I never plan to use again (including facebook and reddit).
This is a major issue when turning batch data into individual files, especially with dynamic prefixes. You can and will find this edge pretty quick using EMR or Glue which tries to run as fast as possible. The only answer is....slow down your writes or just try again, a bit frustrating.
Also, what type of customers run speed test normally? Those on the more technical side, thus those running the test are likely to have higher level packages from their providers, further skewing the data
I'm starting to get more into this practice and finding it very effective. With the kids home due to school cancelations, I've blocked off recurring time throughout the day for dedicated checkins with them, helps with both my and their productivity.
Actually saw it in practice, I toured KnowBe4's office, their entire C-suite is right there in the open office, a few at standing desk, but all right there in the open
Developers don't need admin rights for much of anything in this decade. No need to bother with that.
Common software has to be made available in self-service, so developers can install development tools like notepad++ or visual studio.
Deployment is usually the challenge because you have to store binaries somewhere, copy it to some random servers and finally execute it, each step causing numerous security headaches, so there has to be some approved tooling to handle that.
Developers don't need admin rights for much of anything in this decade. No need to bother with that.
Please defend this position.
My experience, mostly with Linux-like tools, is that those tools are built with the assumption they are being used by someone who knows what they are doing, and that they have the appropriate level of control of the machine -- they are tools for professionals to build tools.
If you don't have rights to install or execute them, you're done. You can't make any forward progress.
Telepathy Labs | Build Engineer, Test Automation Engineer, Devops Engineer | Tampa | ONSITE | Competitive salary | Full time
Telepathy Labs delivers interactive voice and chat-bot technology to industrial and enterprise markets. Our proactive, omnichannel intelligent agents make large-scale environments work more efficiently by turning communications into actions.
We are looking to expand our cloud Operations team by solidifying our entire release engineering practice. We run full micro-services with Kubernetes in-house but can also deploy on-prem so experience across micro-service orchestration methods is appreciated. Will also consider these positions in Zurich or Singapore.
