Troubleshooting in IT & IT Security

I started out in IT Helpdesk, which has helped me tremendously in IT Security. Hopefully these short lists help you in some way. These are not meant to be exhaustive. Remember, no one knows everything.

IT Troubleshooting

  • What’s going on?
  • What error are you getting?
  • Did you reboot your computer?
  • Is the “thing” turned on/plugged in?
  • When does the error happen?
  • Does it work on your computer?
  • Does it work on my computer?
  • Does it work under a different user profile on the same computer?
  • Check your own notes. Have you encountered this issue before?
  • Google for any known issues online. Follow the rabbit hole until you find an answer.
  • Search the ticketing system and/or knowledge base for any similar issues.
  • Boom, the shit works!

Communication

  • Be nice, personable.
  • Don’t be an a**hole. People make mistakes.
  • Acknowledge the person’s frustrations with the IT issue.
  • Show empathy for what they’re dealing with; they’re not mad at you, they’re mad at this stupid computer not working.
  • Let them know you’ll look into it if you’re stuck and/or haven’t seen the issue before.
  • Ask a co-worker for help if needed.
  • Ask social media IT/IT Security if you’ve reached your dead-end. Super smart people are online.
  • If you make a mistake, say it. Own it. Don’t lie. People’s bullshit meter works. You’re human. Humans make mistakes.
  • Escalate difficult users to your manager.

Troubleshooting in IT Security

  • If you’re in IT Security, the goal is not to always say no to users. The goal is to find the most secure way for them to do XYZ. The goal is to reduce risk for your users and company.
  • The internet does not always have a secure “fix”. Understand that the fix someone posted online for a user’s issue may not be the secure way to solve it. For example, do not re-enable 90’s technology like SSL 3.0 or TLS 1.0.
  • Group policy and/or global baseline configurations for securing systems are key. Don’t want Bob to screw up a setting? Set the items by default to be the most secure. Check out CIS hardening: https://www.cisecurity.org/cis-benchmarks/
  • Don’t hand out admin rights to users. Make approved software available to your users via a centralized repository, for example SCCM Software Center.
  • Coding examples online (Stack Overflow) most of the time do not factor in the most secure way. It’s normally a quick answer to do XYZ.
  • If you don’t know the most secure way, research it!!! Major vendors like Microsoft provide best practices / guidance.
  • Determine how to move things towards a more secure method. Accept small wins. Work towards the bigger items. Submit a project request if needed.
  • Build relationships with various people in the company. This allows you to further advance XYZ security items you find. Help them solve XYZ and do it in a secure way.
  • Integrate IT Security into various company processes that bring in risk for your company. For example, scanning new system builds, patching systems, deploying a web proxy, IT Security awareness for users, etc.
  • Should this PII data even be saved by the company? Do we absolutely need to write down this PII on paper? How often do we purge PII data that isn’t needed anymore? How is it secured?