“Are you kidding me?” was my response. “Surely they can tolerate a five-minute outage in the middle of the night when nobody is working.” But I found out later, when I called the business unit manager, that they were running overnight processes that would be corrupted by stopping the services.
So I tried to find a time when everybody could agree to do the reboots. Unfortunately, we haven’t come to that agreement yet. After the business unit’s deadline has passed, we should be able to resolve this. But my main concern is not with this particular situation; it’s with the general challenge of business units requiring 100% uptime on computers that need to be rebooted at least once a month. This is going to take some negotiation and planning.
For the moment, though, I’m going to have to live with some accumulated vulnerabilities. I could take a hard line and insist on rebooting the servers, but knowing that that would compromise the business unit’s work, I’ve decided to be flexible. We need to find a solution to the overall problem of regular system rebooting (and other system administration tasks) in a mutually agreed “maintenance window” where IT can take over all the computers for a while every month.
But secretly, I’m hoping for a power outage.
This week's journal is written by a real security manager, "J.F. Rice," whose name and employer have been disguised for obvious reasons.
Sign up for CIO Asia eNewsletters.