I also wrote about Incident Response and Disaster Planning; Risk Identification and Management; Intrusion Detection/Prevention Systems and Strategies; and Skills, Requirements, and Certifications, with the idea that a good balance of all these subjects can prevent or mitigate most security issues. For example, with properly trained administrators and engineers, solutions will be more secure and stable, thus lowering the number of incident responses and disaster recoveries. With proper risk management and identification, projects can run more smoothly, resulting in better implementation without sacrificing scope, budget, timeline, or quality. The best intrusion detection and prevention systems are junk without a properly trained person to install and configure them; Nothing works out of the box. Although these security topics may seem somewhat disconnected, they all come into play when performing projects, implementing solutions, and planning your enterprises.
I get my reference sources from the “Database of Infinite Knowledge,” sometimes known as Google. Once I decide on a topic, I generally first write out what my thoughts are and then google the topic and read several articles. I try to select the most credible articles that I believe do the best job explaining the topic I chose. Not only does that allow me to pick a source to quote, but it also allows me to supplement my objective with points that I may not have initially considered. I believe it is OK to revise my stance on a subject while doing this, since I don’t always just pick the articles that agree with my opinion. For example, I am a Windows Engineer and have been one for years; I started out in Unix and progressed through Novell, Linux, and eventually Windows. I was just given an article listing 10 reasons why Linux is better in my datacenter than Windows. While I laughed a lot, it did have some valid points, mostly about having properly trained people to run your datacenter.
I do believe a blog like this can be beneficial to an IT professional, for both the reader and the author. As the writer, I get to fully explore and research topics to increase my personal knowledge and expertise. As an IT Professional, I myself follow several blogs and often use them when troubleshooting an issue. Very rarely am I the first to experience a particular problem, so why reinvent the wheel? I have had a few IT Professionals I know comment on my blog and request posts on certain subjects. Now that class is over, I intend to fulfill a request and post on an IPV6 issue a peer is experiencing. My advice to the next group of students is to always choose a topic in which you have experience or interest. I have very little to do with our intrusion detection and prevention systems, so that blog post was the hardest one that I had to write, as I had to rely mostly on other people’s documentation and my limited experience. Make sure to blog about your own individual and unique interests, experiences, and viewpoints, and you will be surprised to discover the number of other professionals who share many of your same situations, frustrations, and opinions.
http://www.writersdigest.com/online-editor/the-12-dos-and-donts-of-writing-a-blog
Well done.
ReplyDelete