30 Nov 2012

In Praise of Paranoid Sysadmins

Sadly, it’s not unusual for an SEO to get some pushback on some of the changes they want to make to a client’s website. The reasons for the objections can be as varied as the people making them. Take all of them seriously and address them politely, of course – and pay particular heed to the paranoid sysadmin.

Where most people see paranoia, the paranoid sysadmin sees simple security consciousness. He’s probably a veteran of distributed denial of service attacks, personally built more spam blockades than he can count, has given lectures on proper protocols for avoiding malware so many times he can do them in his sleep, and the list goes on and on. And now he’s supposed to allow a marketer nearly unfettered access to the company website?

Before you call him “paranoid”…

Consider this: anything that takes down that company website will do serious damage to whatever SEO techniques you’re using to build it up. Anything that installs malware on your website and causes it to propagate to visitors will raise red flags with Google at the very least. It will also cause a major drop off in traffic and spread ill will. So if you don’t think website security is an SEO issue, think again.

If you can look at the situation through the eyes of a security conscious systems administrator, you may be able to get willing assistance rather than sullenness. For example, a sysadmin who is reluctant to put data in the cloud may change his mind if he sees how secure the cloud can be. If he’s reluctant to give you the kind of access to your client’s website that you need, explain – in as much detail as necessary – what you’re going to do with that access.

Be prepared to answer questions as to why you need that access, too. If the sysadmin wants you to work through him, you may need to patiently explain why that won’t work. You’ll be making enough changes on a regular basis that it would take too much time away from the sysadmin’s regular job. With any luck, you’ll be able to work out a good compromise. Don’t balk if he asks for regular reports on what you’ve done to the website; the site owner probably wants that kind of report anyway.

A security conscious sysadmin can be your best friend if you get him on your side. If and when you spot a problem with your client’s website, and it’s a potential security issue, he’ll want to fix it as soon as possible. He hates issues with the company website – especially ones that take the site down – as much as you do. But you need to be as transparent as possible; I’ve heard too many stories to say that a paranoid systems administrator won’t suspect an SEO of doing something that harmed the website!

The truth is, SEOs and security conscious systems administrators should be natural allies. They both want a secure, working website that smoothly serves visitors with what they need, and helps the business prosper. They each bring different talents to the table to help achieve this. And they achieve their goals best when they work together.