On Tue, 16 Sep 2014, Paul Heinlein wrote:
On Tue, 16 Sep 2014, David Lang wrote:
Our work sure qualifies under the first point, and while large shops have
checks in place, Snowden has shown that even the NSA can't prevent a rouge
Sysadmin from doing series damage, and is no different than a large
Engineering or Law firm that can attempt to put in similar checks, but
can't possibly hope to prevent all problems.
thoughts?
Most organizations put large obstacles between their sysadmins and a host of
corporate activities, e.g., hiring full-time employees, purchasing or selling
capital assets, entering into binding legal agreements.
Most organizations put obstacles between their sysadmins and a small subset
of data, e.g., employees' self-encrypted files (password managers or SSH
keys), some legal/personnel records.
Few organizations can do more than that without having a huge budget for both
system administration and security. Personally, I wouldn't want to work for
one of them.
I agree, but I was more asking for thoughts on if this was a good defintiion of
"Professional" and if this definition would work any better than the previous
definitions we've tries to use for the term "professional" and the follow-up
discussions on licensing/certification efforts.
I think this definition is useful, because it is the first one that I've seen
that is able to draw a line between the Sysadmin who is running their personal
site or a local club/church site (something that I strongly believe should NOT
be regulated/licensed) and someone running a bank (where they may have people
working there who aren't licensed, but it would be reaonsble to say that the
person in charge if not most of the senior people should be)
now, the line is still a bit fuzzy in that it depends on the question of when
the impact of a doing a bad job becomes significant enough, but we at least have
a framework to work with.
For example, someone running their local Boy Scout website would not need to be
licensed, unless they made it start getting involved with a sensitive category
such as finances (taking donations as opposed to simple bookkeeping)
for those who missed the start of the discussion, the definition of
"Professional" that I'm talking about is:
Professional work is determined by the level of trustability in the competence
of the professional that is required.
1. Someone whose work can determin his client's life and/or liberty (or the cost
of their mistakes can be many times the cost of the work)
and
2. who usually deals with clients on a one-on-one basis, where the client is
unlikely to be able to judge the quality of the work, at least until it's too
late to make a difference
David Lang
_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
