[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [seul-edu] Help, I need backup

To: seul-edu@seul.org
Subject: Re: [seul-edu] Help, I need backup
From: David Woodhouse <dwmw2@infradead.org>
Date: Sun, 13 May 2001 08:59:07 +0100
Delivery-Date: Sun, 13 May 2001 04:00:01 -0400
In-Reply-To: <NEBBJKHCKFMNIJIOMJOACEIHECAA.jmellen@cfl.rr.com>
References: <NEBBJKHCKFMNIJIOMJOACEIHECAA.jmellen@cfl.rr.com>
Reply-To: seul-edu@seul.org
Sender: owner-seul-edu@seul.org


jmellen@cfl.rr.com said:
>  What figures, documents, reports, etc. should I have ready to
> present?

He's obviously entirely clueless w.r.t. the security aspects of what he's 
suggesting. While that's obviously a very good line of argument, you may 
find that he's not particularly receptive to it.

Calculate the number of such web servers across the county. Obtain a price 
for a Windows NT host and IIS, along with any other software and support 
required. Also include the extra cost of hardware, where an upgrade would 
be required to run NT.

Calculate same for Linux.

Consider the response time in the event of security holes being found - 
both the time to the patch becoming available and the time to actually 
getting it on your servers.

Show the benefit of remote management - in the unlikely event that an 
Apache hole _is_ found, it can be installed across all the sites almost 
immediately. Price that benefit too, especially coupled with the 
probability that some of these servers won't have anyone on-site who can 
sensibly maintain them.

In the UK at least, I believe government purchasing guidelines say that you
should not purchase a product available from only a single vendor when there
is a suitable alternative product which is available from multiple sources. 
See if there are similar guidelines in place for your situation.

Ask him what the benefits of the IIS solution would be, obviously pointing 
out the irony of trying to standardise on it after the MS servers got 
cracked. Be prepared to counter any suggestion he might make.

Make sure you have a neutral third party present, for whom he will have a 
reasonable amount of respect. Someone who can make that kind of 
proclamation sounds fairly irrational to me - he may be unreceptive to 
sensible and logical arguments. The presence of someone else may help to 
control his behaviour. Sad, but true. 

Make minutes. Same reason. He has a boss, presumably? Or at least reports 
to someone / some group. If you totally destroy every argument he has for 
his crack-induced declaration, and he all but admits you're right, then 
goes ahead with it anyway, you may want to take it further. Again, the 
presence of a witness will help you here.

--
dwmw2

References:
- [seul-edu] Help, I need backup
  - From: "Jason Mellen" <jmellen@cfl.rr.com>

Prev by Date: Re: [seul-edu] youngsters logging in
Next by Date: [seul-edu] Looking for math curriculum
Prev by thread: Re: [seul-edu] Help, I need backup
Next by thread: Re: [seul-edu] Help, I need backup
Index(es):
- Date
- Thread