Best IT Blog

UNIX – Home Directory Policy

Posted in Application,Business (600),O S (375),Security (1500) by Guest on the May 12th, 2016

Home Directory Construction

Policy: Home directories must be constructed in accordance with the following guidelines:

  1. Each log-on account must have a unique home directory. 
  1. Every User must have their own individual account(s) 
  1. Every person’s user-ID must be associated with their home directory. 
  1. Only files unique to the user are to be stored in their home directory. 

Shared files or group projects must be stored on a shared directory 



Home Directory Responsibilities 

Policy: Users are accountable and responsible for all materials found in their home directory.

Only work related material may be held on corporate file servers.

The materials within a user’s home directory are the property of Corporate.

The Systems Administrator will publish backup and recovery procedures for data stored within home directories.


Home Directory Security

Policy: Permissions on a home directory must be set to 700.
If a user decides to make their directory accessible to others, the Systems Administrator must inform the user of the risks involved. The owner of the directory is the first point of contact for any discrepancies found within the directory.

Users are responsible for virus detection on files found within their home directory. This must be done daily. Users who frequently download files from the Internet must scan for viruses after every download.

Users must own all files and subdirectories within their home directories.

File systems containing home directories may not be exported outside the Systems Administrator’s Domain.

Comments Off on UNIX – Home Directory Policy

Sample Visio – 14 HCM, HRIS and Great Plains Financial Workflows

Posted in Application,Visio Samples - Stencils (457) by Guest on the March 1st, 2015

14 Free Visio HCM, HRIS and Great Plains Financial Workflows document downloads.

Technical Accounting Day Minus 4.vsd
Technical Accounting Day Minus 4a.vsd
Technical Accounting Day-10 – 14.vsd
Technical Accounting Day-13.vsd
Technical Accounting Day-15.vsd
Technical Accounting Day-2.vsd
Technical Accounting Day-3.vsd
Technical Accounting Day-4.vsd
Technical Accounting Day-5.vsd
Technical Accounting Day-6.vsd
Technical Accounting Day-7.vsd
Technical Accounting Day-8.vsd
Technical Accounting Day-9.vsd

Comments Off on Sample Visio – 14 HCM, HRIS and Great Plains Financial Workflows

Sample – Application Business Case

Posted in Application,Web Services (250) by Guest on the September 7th, 2014

The Enterprise Java Team’s has created a standard development Application Monitoring Standard. 

This project’s goal was to create a document outlining this standard and to look for any gaps in the currently available Application Monitoring Frameworks that need to be filled. 

This charter is to outline those gaps and the solutions to fill them. There are two types of gaps to be filled.  

  • Technology gaps that limit the use of the Monitoring Frameworks.  These would be filled by updating the High Availability Code itself
  • Missing Business Functionality gaps.  These would be filled by both updating the High Availability code and/or creating new application(s)

Business Problem(s)

It has been determined from members of the Enterprise Java Team that some missing capabilities exists in the currently existing High Availability Monitoring Frameworks.  

The High Availability Monitoring Frameworks is written code that has the following capabilities: 

  • A test harness that allows for testing standard infrastructure and application availability and to create application specific tests where the standard tests aren’t sufficient
  • A High Availability Test Harness that uses the same test suite as above but adds capabilities for notifications of problems, Logging of tests, and xml output for tool parsing 
  • A Threaded Monitor to run these tests in a development environment
  • Processes and Procedures to implement these tools

The above applications and processes need to be updated to fill the technology gaps. 

An additional application needs to be designed and created to generate reports out of the system including availability metrics to fill the Missing Business Functionality Gap. 

Business Opportunity

  • To fully enable the High Availability Monitoring Framework to support the availability of our Critical Applications
  • To fully enable the standards created by the Enterprise Java Team
  • To give the business community an application to show metrics on the tests run


To fill in the gaps that has been determined by the Development Team. 

  • Measurable Success Criteria (SLA / OLA’s)
  • A charter with detailed information on staffing, costs, and timelines necessary to complete the business requirements


High Level Functional Requirements

  • Source Code Management Technology (test tools)
  • The framework must be able to be configured separately for each application using the framework without the framework itself having to be kept in a separate branch for each application, or in multiple places in the source code repository

Multiple Instances Technology

  • The framework must be able to be configured to work where the application is deployed to two different servers, and the framework can be configured once, and still be able to:
    • Run tests against that particular application instance
    • Send notifications to support which reference the correct web server and JVM for looking at the logs

In Application Memory Technology

The framework must provide a facility for application writers to test facets of the application that reside completely within the memory space of the application. 

Reporting (SLA’s / OLA’s)

The framework must be able to provide a report of test execution results over time.  One of these reports must be a report of recent outages, which is simple and easy for a business owner to understand.  Included in this report should be availability metric.

  • Non-Functional Requirements
  • Document all High Level Functional Requirements
  • Major Project Activities
  • Interview Development Team members and possibly Business Partners to determine detailed implementation of the above High Level requirements
  • Gather requirements for the metrics application and application updates
  • Determine effort and staffing required to complete these requirements
  • Create a charter outlining these requirements, staffing, costs, etc

Items Out of Scope

  • Anything not in sections above


  • A comprehensive Application Charter

Assumptions and Dependencies

  • Availability of resources
  • Risks and Obstacles
  • Non-availability of resources


Comments Off on Sample – Application Business Case

Business Impact Analysis Expectations and Outcomes

Posted in Application,Compliances (1300),Security (1500) by Guest on the July 16th, 2014

An analysis can determine the outages impact on each business unit and the organization as a whole. Identify the interdependencies with other business units formulate basis of the recovery Strategies. 


  1. To determine the maximum downtime for each business unit
  2. To determine the critical business units of an organization
  3. To determine the priority for restoring the functions of each business unit of the organization 

BIA Summary

The Business Impact Analysis will:

  1. Determine the maximum downtime for each business unit
  2. Determine the critical business units of an organization
  3. Determine the priority for restoring the functions of each
  4. business unit of the organization     
  5. Formulate basis of the recovery strategies


Comments Off on Business Impact Analysis Expectations and Outcomes

Quality Engineer Checklist 2

Posted in Application by Guest on the April 4th, 2014

Quality Engineer: Review for effect on quality, safety, testing, and reliability of the product

o  Is the description of change clear? Are the redlines clear and complete?

o  Is the changed classified correctly?

o  Have the rules of interchangeability been followed?

o  Will the change require additional testing equipment, software, or additional resources? Will tests have to be reverified?

o  Do inspection plans or procedures require updating?

o  Will the change adversely affect performance requirements or other quality attributes? Will any recertification be necessary?

o  Has reliability, maintainability, or safety been impacted by the change?


Comments Off on Quality Engineer Checklist 2

Benefits of Outsourcing to MSS Provider

Posted in Application,Compliances (1300),Security (1500),Web Services (250) by Guest on the January 7th, 2014

Potentially the benefits from engaging a MSS provider has the capability of winning hands down when compared to any in-house effort. Following are a list of probable benefits gained from a relationship with a MSSP. These factors may contribute towards reducing risks faced by the client through a combination of risk mitigation and risk/liability sharing between the client and the MSSP.

  1. Lower Cost of Ownership: The cost of engaging a MSSP is typically less than hiring in-house, full-time security experts. The service provider can spread his investments in analysts, hardware, software, and facilities over several clients, reducing the per client cost.
  2. Leveraging Expertise: Qualified professionals with the appropriate skill set and experience are not available easily, hence the company needs to recruit, train, compensate and retain professionals. The cost for doing the same is usually prohibitive. However, while outsourcing the MSSP, providing top-notch personnel becomes his responsibility. Since the service provider is able to provide a variety of career options and exposure, he is more likely to retain personnel. Thus the company gets to leverage on the expertise offered by the MSSP
  3. Ensuring high level of Service: When an organization outsources from MSSP’s they receive near real time results 24 hours a day, 7 days a week and 365 days a year. However, in-house personnel would be available only within the office hours. MSSP’s can be held accountable to the Service level Agreement they sign with the company. Failure to do so can attract financial implications. Since MSSP’s have strict contractual agreement and must maintain their reputation in the market, their control measures are very stringent in terms of documentation and careful implementation. 


Several factors will affect the market space of Managed Security Service Providers in the next few years. Many new entrants are predicted to enter this space in the next few years. The new entrant would be of two types essentially

  1. Network Service Providers: Network Service providers would grow up the value chain to start providing Managed Security Services.

Security Management Products will grow up the learning curve, thereby reducing the workload of monitoring firewalls, IDS’s, Antivirus products, Content filters etc. Inspite of being high on costs these products would cater to a market segment, which is reluctant to outsource security.

Once you have frozen on your requirements that you need from the MSSP, research in detail for prospective companies.


Comments Off on Benefits of Outsourcing to MSS Provider
Next Page »