Michael,
My compliments go to you on your response, it was very eloquently said, and
likely sums up what the major majority of what experienced security
professionals reading this entire string of replies must feel at this point. I
guess if this guy chooses to ignore all of our advice (why did he write to the
list again if he didn�t want to listen to us,) it is going to be his problem
alone when he is ostracized by his company. The one thing that really gets me
though is that it is guys like this that give good security professionals
everywhere a bad name. These cowboys walk into the role with an attitude and
are set to �clean things up� by forcing IT shops to do it their way or the
highway.
Didn�t this come into the profession with experience being on a network team?
Shouldn�t he have realized that network guys (as well as desktop groups)
already have enough on their plates without having to worry about having to ask
for permission for every single IP address that they want to use, not to
mention keeping him informed of OS and patching levels? I�m not sure, I guess
that may work in small environments, but it would never play in a large scale
enterprise.
All I can say is good luck with your plan, and please do all of us a favor and
write us when you go back to DHCP so we can settle who won the pool when
exactly you are forced to revert back to best practices methods. Good luck��
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
