FRAMINGHAM (03/10/2000) - Meet "Pat Rabbinsky," a newly promoted security manager who's in over his head and eager to tell you all about it. He works at a $500 million company with no established security policies and has just been promoted - ready or not - from network administrator to security manager. He's young, inexperienced, irreverent and a bit overwhelmed by his new responsibilities.
Pat will be writing what amounts to his own exposé - sharing the good, the bad and the truly scary - in a weekly "Security Manager's Journal" that begins today in our Technology section and on our Web site (www.computerworld.com).
We're offering this unusual column in partnership with the SANS Institute, which will also run Pat's journal entries weekly on its Web site (www.sans.org).
This security manager's identity and his company's real name will be disguised to protect them from becoming a target for hackers. Each journal entry will provide plenty of product details and implementation specifics, as Pat goes about securing the company network and then installing Windows 2000 enterprisewide. "Along the way," he promises, "you'll see the mistakes we make and how we recover. I hope our experiences can help you avoid one or two of the pitfalls we discover."
Making mistakes and talking about them is, in fact, one of the best ways we all learn. In their book The Minding Organization, authors Moshe Rubinstein and Iris Firstenberg describe errors as a source of innovation and creativity. They point out how everyday wonders like tea bags and Post-it notes - and truly great discoveries like penicillin - were innovations that their creators stumbled into quite by accident.
Pat Rabbinsky isn't looking for any great discoveries - at least not all by himself - and he's cheerfully prepared to make his share of mistakes. On this very public journey toward a secure network, he's hoping that some of the experts in the Computerworld and SANS Institute audiences will weigh in with their advice and comments by sending e-mail to firstname.lastname@example.org (subject: Pat's Journal). Consider it your good deed for the day - and a chance to do some learning yourself.