Nitec
Contact

Nitec

Nitec
All articles
Security Gavin Woods

On Thursdays we break stuff

Introducing the concept of Break Stuff Thursday and how breaking things may actually work out better in the long run.

On Thursdays we break stuff

I am quickly coming to the conclusion that managers and business owners have a slightly distorted view of IT. People are obsessed with uptime i.e.., the length of time a computer system or service has been running without something going wrong.

I mean, I’m not against uptime in principle, but to do it right requires time and money in copious quantities, often way outside the need of a business. For example, if you are a 30-person solicitors’ practice, there should be ample opportunity to have your systems rebooted without causing issues for staff. 

This attitude can cause IT managers and supervisors to be way too risk-averse. This probably sounds odd. By that, I don’t mean that IT professionals should be the ‘devil may care’ variety that wrecks all around them with scant regard for their colleagues. Far from it. It’s more like the cooking analogy, “You can’t make an omelette without breaking eggs.” Many a rubbish configuration has its genesis in someone making a configuration mistake in setup and then being too scared to fix it once in production. 

A good example of this might be the Windows firewall. In the days we are in of ransomware around every corner, it has never been more necessary to have every single layer of your protections in place, yet I routinely see both servers and workstations with the firewall turned off. In almost every case of this it appeared that something on the computer wasn't working, so the user turned off the firewall, and voilà, the computer was working again. As the IT person, immediately, everyone in the office was all over your application like white on rice and now if you break it, it's your fault so you leave it. But there is a niggling thought every now and again when your conscience pricks you and you remember that as the IT folk, it is your job to plug that security hole. 

If there is one thing you can be sure of, it is that hackers could not give a stuff about your uptime or causing problems, and the only way to get on top of the issues that let them in is to embrace the suck and start breaking stuff. This is why ransomware is up 400% year on year. Because far too many of us are more scared of breaking something than we are of getting hacked. 

For this reason, I am proposing the adoption of “Break Stuff Thursday”. Fortunately, the acronym (BST) accommodates 2 days in a week so you can choose the one you like best. Every good IT initiative needs a three-letter acronym (TLA) after all. In addition, it has been designed with your weekend in mind allowing you, at a minimum, an evening and a day to get stuff back to normal in the event of a meltdown before your weekend properly starts. BST is a day when IT people can impress on their managers the need to try some things to improve their configuration. Be it MFA, Windows Firewalls, rubbish password changing, or deleting old rules from firewalls that no one understands anymore, you name it. If it means that BST is followed by MMSF: "Marginally More Secure Friday”, you go for it. 

To be clear, BST still requires a plan. Hey, I’m not crazy!

You still need to make sure you have a backup or a snapshot of the database just before you wreck it, and maybe even check that the entire legal team isn’t staying behind and ordering pizza so they can finish the tender of the century. That’s just being prudent and polite.  

The reality is that, as IT people, we need to be taking the bull by the horns and get breaking stuff. If you managed even 30 out of the 52 BSTs, I really believe at the end of the year your MMSF would stand for “Much More Secure Friday”. 

Related articles

Cyber Hygiene 101: Staying Safe on the InternetKeeping your internet safety in check on Safer Internet Day

Upgrades and Tweaks to Your Internet: What To Look Out ForBreaking up with your broadband? It might not be as simple as you think. Here are five reasons why you should let Nitec know.

The Password Playbook: Unlocking Ultimate SecurityA foolproof guide to secure password management practices.

The Journey to ModernModernise your basic cyber security standards with our state-of-the-art solutions.

From fuzzy logic to deep learning: Exploring the meteoric advancements of AIAs AI gets closer to being “good enough” to pass the Turing test, the question we must ask is “Are we humans good enough for them?”.

Nurturing Connections: Unleashing the Power of Hybrid Work RelationshipsMaking friends at work can be difficult in this day and age but here's how you can tackle it.

Let's work together

Thank you for your enquiry. Someone will be in touch as soon as possible!

Our use of cookies

Some cookies are necessary for us to manage how our website behaves while other optional, or non-necessary, cookies help us to analyse website usage. You can Accept All or Reject All optional cookies or control individual cookie types below.

You can read more in our Cookie Notice

Functional

These cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytics cookies

Analytical cookies help us to improve our website by collecting and reporting information on its usage.

Third-Party Cookies

These cookies are set by a website other than the website you are visiting usually as a result of some embedded content such as a video, a social media share or a like button or a contact map