Onboarding our first IT employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
โ09-01-2022 02:20 PM
My company has officially on boarded our first IT person! But Steven, you may be asking, you're the Systems Administrator, werenโt you the first IT person? Yes and no. When I was hired, I applied for a Drupal developer position with a little bit of sysadmin work. In a shock to no one in the IT community, the sysadmin work was much larger than expected, and I slowly transitioned over to full-time sysadmin. Since I wasnโt hired with the sole intention of being the systems administrator, I donโt really count myself as our first IT person.
Back to the main point of this post. Once we decided we were going to hire a Junior Systems Administrator, our COO, VP of Strategy, and myself sat down and figured out what on boarding was going to look like. We landed on the following items:
- Create accounts for him as if he was a developer.
- Password management account, Git account, Developer VPN access, SSH access to servers, etc.
- Development access worked well, because it has the most access to our infrastructure without giving admin privileges.
- Leave that as is for the first 30 days. If things were going well, after 30 days start giving him some admin privileges as needed.
- We didnโt want to give admin privileges to everything immediately for obvious security reasons (and we didnโt want him accidentally deleting our entire JumpCloud organization).
- After 60 days have him start doing on boarding of new employees as needed - We just happened to have a new employee get hired shortly after his 60 days so it worked out perfectly.
- I sat down with him and walked him through the on boarding process, ensuring he had admin privileges to what was needed.
- After 90 days, weโd introduce him to our vendor contacts. We decided on 90 days because this is the end of our typical โon boardingโ process for most employees. And at this point we would have a firm idea on if he was going to be a good long term fit on the team.
We were all pretty happy with this plan, as it allowed us and the organization as a whole to ensure he wasnโt going to nuke our entire infrastructure (he could be playing the long-con, thatโs still to be determined. Iโll write a follow up if he is.). I also wanted to make sure he didnโt feel like we didnโt trust him and never would, and that he didnโt get frustrated because he didnโt feel like he could do the job effectively. Occasionally youโll hear about new IT hires who are frustrated because they have access to nothing and their managers donโt trust them. In the SysAdmin subreddit the general consensus among managers and Sr. staff is โWell we donโt trust you. Get over it.โ While that is true to some extent, I wanted to make sure that he knew that โSure, we donโt trust you with the keys to the kingdom right now, but we will trust you as time goes onโ.
Hereโs where I get a bit technical, so if youโre only here for the rough โhereโs how we on boarded our first IT personโ then you probably want to skip to the end where I introduce you to our new Junior Systems Administrator. If youโre a tech nerd like me, read on!
The first admin privileges that our new Jr. SysAdmin needed access to was JumpCloudโs admin portal. After reading through the JumpCloud Admin Roles support page (which I wish would get updated to remove the legacy roles that donโt exist anymore @Anonymous ), I decided upon โManager.โ It gave him access to modify users in the case we needed a password reset, enroll and modify devices, and work with commands. The one hesitation I had with this role was that it also allowed him to delete users, but I had hoped (and not verified, I knowโฆ shame on me) that JumpCloud could undo it if he accidentally deleted a user.
The next set was giving him sudo privileges to servers. There were a few that I kept restricted, like our internal app that stores a lot of the company dataโI wrote a blog about it here actuallyโand our network controller server. After that, it was access to our cloud hosting account so that he could create and destroy servers as needed.
Around this time we hit his 60-day mark, and the time came to give him admin privileges to other software that was required for him to onboard new employees. I walked him through on boarding one employee, and heโs now done one or two others without any issue. Also around this time I bumped up his privileges in JumpCloud, so heโs now an Administrator.
And that brings us to the present day. We hit his 90 day review next week and Iโll send out emails to introduce him to all of our vendors. After that, the last step is to get him access to one of our biggest clients' infrastructure. We donโt have a timeline on that, but I expect weโll start the process here shortly.
So youโve now read nearly 900 words talking about this mystical being, I guess I should actually introduce him.
Zach is our Junior Systems Administrator; heโs a fresh college grad and has been fantastic to work with. Heโs always willing to take on whatever we throw at him, and while he doesnโt have a development background, heโs been teaching himself some PHP in his downtime (weโre a full PHP shop). For me, heโs been a breath of fresh air. Iโve been single handedly rebuilding, maintaining, expanding, and monitoring our infrastructure for almost 4 years. Having someone dedicated to taking care of some of that has been amazing. Iโm beyond excited to see where he goes and the type of stuff we can get done.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
โ09-02-2022 10:20 AM
Massive thanks for getting this completed, @steven. Well done! The roles still exist, btw, so the team is going to update to reflect that they aren't legacy vs. new anymore. Thanks for pointing that out so we can eliminate any confusion.
Like someone's post? Give them a kudo!
Did someone's answer help you? Please mark it as a solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
โ09-07-2022 02:27 PM
Oh interesting! I guess I never noticed they still existed, haha. Thanks for clarifying and getting that doc cleaned up a bit ๐
![](/skins/images/C210B62239BAF37B0AB0FAEB086BB5F1/responsive_peak/images/icon_anonymous_message.png)
![](/skins/images/C210B62239BAF37B0AB0FAEB086BB5F1/responsive_peak/images/icon_anonymous_message.png)