How Do You Protect Servers From a Rogue Admin?

Treborto writes "I work with a non-profit that has an extensive collection of photos and videos. These are used in publications and on the web. We have several levels of privileges: read-only of small, watermarked images; read-only of large, clean images; edit of the site; and admins who can confer privileges. It has happened that people leave the organization in anger. So far, no Admin has done so. Is there a back-up, site mirroring, privilege, or other strategy you'd recommend so we have protection from an Admin gone bad?"

Tips for "rouge" admin defense

[Okian+Warrior]

Rogue admins are extremely rare. So rare that there are many other more likely threats you will encounter, such as hackers or data breach. Worry about those first.

The reality is that most people work in a spirit of cooperation and don't want the black mark on their reputation. They would rather walk away without burning bridges.

That being said, bad admins (and employees in general) spring from two causes: bad treatment and pre-existing jerks.

The best way to handle both situations is to talk to your employees regularly, and find out how they feel. If you know that some policy or other is bothering them, you can avert a crisis very easily if you know about it beforehand.

Some people are just jerks. Don't let these people continue in your organization, even if they are brilliant and highly capable, and even if you don't have an equally brilliant replacement. A mediocre replacement who can work well with others will be much more productive.

(Often said: About 15% of your productivity comes from innate ability, 85% from working with others.)

That having been said, if you're really worried about someone doing you in, make sure you have regular backups and that you personally have access to the backup system. Reformatting a disk and copying data is easy - position yourself so that you can recover completely from the maximum damage they can do.