Server war stories:

Server war stories: Free webcast ( September 13)

Leave a Comment / Career & Education, The Executive Lounge, Windows / By

Server war stories:

Published at ZDnet

https://www.zdnet.com/article/server-war-stories-webcast/

How many server disaster stories (or close calls) do you think the average system administrator has under their belt?

We’re guessing that the answer would be a lot. Everyone who works with servers has heard of a story or experienced a breakdown. In a long career, it’s impossible not to. Often, it’s no one’s fault; it’s just a fact of life.

On September 13, ZDNet hosted a webcast, in which a panel of experts reminisced about some of their best server war stories — the ones where everything suddenly went pear shaped, until someone found out what went wrong and fixed it.

Live from Microsoft TechEd in the Gold Coast, Queensland, we were joined by IT industry analyst and strategist Sam Higgins, Microsoft senior program manager and “virtual PC guy” Ben Armstrong, South Australia Water senior IT architect Pete Calvert, and Fastlane Asia Pacific enterprise solutions manager Erdal Ozkaya who shared their stories of their biggest disasters and close calls.

These experts will talked about what caused the problem, what they did to make things right, and how they prevented it from happening again.

They also opened up about what they hate most about servers, new features they’ve loved or loathed, and the things they wish they could change.

Server war stories: Free webcast ( September 13) – Dr. Erdal Ozkaya
How to convince your boss to send you to the next TechEd – 4sysops

CISO Insight

Every seasoned IT professional has server war stories — the 3 AM outage, the failed migration, the misconfigured firewall rule that took down production. These stories are not just entertainment; they are the most effective form of knowledge transfer in our industry. When a practitioner shares what went wrong and what they learned, the entire community benefits. I have always believed that sharing failures honestly teaches more than showcasing successes.

Lessons from Server Infrastructure: What CISOs Should Know

Server administration may seem far removed from the CISO’s boardroom concerns, but the reality is that infrastructure decisions directly impact security posture. Server hardening, patch management, configuration management, and capacity planning are foundational security controls that determine whether an organisation’s environment is resilient or fragile. Many of the most devastating breaches in recent years traced back to unpatched servers, misconfigured services, or default credentials on infrastructure components that nobody remembered existed.

The evolution from physical servers to virtualised infrastructure to cloud services has changed how we manage servers but has not eliminated the fundamental responsibility to maintain them securely. Whether a workload runs on a physical server in a data centre, a virtual machine in a private cloud, or a container in a public cloud, the same principles apply: minimise the attack surface, apply patches promptly, monitor for anomalous behaviour, and maintain comprehensive configuration documentation.

Infrastructure Security Best Practices in 2026

Modern infrastructure security requires a layered approach that addresses both traditional server environments and cloud-native workloads. Server hardening should follow established benchmarks like CIS Benchmarks or DISA STIGs, with automated compliance checking to detect configuration drift. Patch management must be systematic and risk-prioritised, with critical patches applied within defined SLAs and emergency patching procedures for actively exploited vulnerabilities. Configuration management using infrastructure as code ensures that server configurations are version-controlled, reproducible, and auditable. And monitoring must go beyond availability metrics to include security-relevant telemetry — failed authentication attempts, privilege escalation events, unusual network connections, and file integrity changes.

Frequently Asked Questions

What are CIS Benchmarks and why should we use them?

CIS (Center for Internet Security) Benchmarks are consensus-based configuration guidelines for securing operating systems, applications, and cloud infrastructure. They provide specific, actionable hardening recommendations developed by a community of security practitioners. Using CIS Benchmarks as a baseline for server configuration provides a defensible standard that auditors and regulators recognise, and dramatically reduces the attack surface of infrastructure components.

How should organisations approach patch management in 2026?

Effective patch management requires automation, risk-based prioritisation, and defined SLAs. Critical vulnerabilities with known exploits should be patched within 24 to 48 hours. High-severity vulnerabilities should be patched within 7 to 14 days. Automated patch deployment tools, combined with testing environments that validate patches before production rollout, reduce both risk and operational burden. The key is treating patching as a continuous operational process rather than a periodic event.

Related reading: For server security and infrastructure hardening guidance, visit our Zero Trust Security Hub or explore the Cyber Resilience Framework.

Leave a Comment

Your email address will not be published. Required fields are marked *