If you've arrived via a link and you want to see all the latest posts: Click here

Tuesday, 20 January 2009

Wrong people in the wrong jobs

Sometimes it's not so hard to see where money is wasted in the public sector, and how some swift culling would bring obvious results.

An excellent example is IT services manager Carol Hudson from some Sheffield NHS trust, which I don't know the name of.

The hospitals in question have just suffered an outbreak of the Conficker Worm - which is a type of virus which replicates itself automatically and can infect machines which are passive as long as they haven't been patched to the latest versions of Windows.

Initially you'd think that Carol are her team were super speedy to respond to the crisis - and they sent out an email to all staff asking them to keep hush if the press came sniffing due to the scale of the problem.

More info here: http://www.theregister.co.uk/2009/01/20/sheffield_conficker/

Then you realise why. Carol's department turned off the updates that would have prevented this from happening. They did this because they caused auto reboots of machines in surgery - which seems like something you wouldn't want - until you understand that they only did that because Carol's IT chaps hadn't configured it correctly.

I'm not an MS engineer. I haven't done all the courses to understand updates and domains etc. But even I know that you can configure a group policy so that some machines reboot and some don't. Or you can configure what time of day they reboot. And if you don't want them rebooting at all then you put a business policy in place to make sure that someone toddles round and power cycles them at a uncritical time.

And even if you didn't know that, you would know that if you turn off automatic updates then it's really worth your while checking the list of released updates to ensure that there's no serious vulnerabilities about.

The stupidity and ignorance of these IT managers and directors will have cost the trust hundreds of thousands of pounds, not to mention the the risk patients have been put at.

Thanks for the hard work sending out the email Carol, but your services are no longer needed here.
at 1:31 pm

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)