As the editor of SearchWindowsSecurity.com, I often speak with users about their Windows security responsibilities. One senior systems analyst in particular sent me an interesting note recently... To give you some background, he's in charge of configuring and administering desktop systems (primarily Win2000 and XP)for a large company, and he developed many of the security policies and procedures in place for those desktops. However, even with those seemingly important tasks on his plate, he said he took over Windows security only because no one else had.
He specifically said: "I ended up taking over the security functions because no one else was looking after them. I've learned a lot (enough to know there's so much more to learn), earned my CISSP and started specializing in MS Windows security. I never really set out to do that though."
Does this sound familiar to you? Were you recently or temporarily assigned Windows security responsibilities because they weren't being handled? Did you choose to take over Windows security on your own? How long have you been working at it, or plan to?
Any feedback is appreciated. I will include comments in a story for SearchWindowsSecurity.com. I'm just trying to get a sense of how people got into the Windows security field, how long they've been in charge of securing Windows systems and if they plan to stay there.
You may contact me publicly or privately. Thanks for your time and attention!