Best IT Documents.com Blog


My goodness where the heck is the information I need?

In the past and even more in the present employees found it difficult to locate the information and documents they need. The situation has several causes. The most prevalent problem is our lack of document organization and categorization. Employees experience pain when attempting to share documents with one another, save their documents in a common space, or discover an existing document

Currently, documents are saved in a wide variety of locations. In some cases, a SharePoint sites are used to share documents. Employees also save documents on their hard drives, or in numerous server areas. The most obvious problem with this diversity of locations is the inability to work on a current doc copy. Secondarily, an employee’s hard drive (or a server) might not be backed up. This lack of document organization and discoverability causes the organizations to lose valuable and sometimes irreplaceable resources, not only in the waste of employee’s time – there is also a serious loss of institutional knowledge when employees leave:

  • Employees get 50%-75% of their relevant information directly from other people.
  • More than 80% of enterprise’s digitized information resides in individual hard drives and personal files.
  • Individuals hold the key to the knowledge economy and most of it is lost when they leave the enterprise.

Why sit there reading this knowing it applies to you and your organization. Do something… fix it?

“Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat.” Sun Tzu – The Art of War

http://bestitdocuments.com/Services.html
 

Comments Off on My goodness where the heck is the information I need?

Sample – Word – Disaster Recovery Contingency Organization

Posted in Business (600) by Guest on the September 9th, 2016

Word – Disaster Recovery Contingency Organization

Disaster_Recovery_Contingency_Organization.doc

Comments Off on Sample – Word – Disaster Recovery Contingency Organization

Patch and Vulnerability Research Resources

Overview

This procedure was developed to identify and evaluate system and application vulnerabilities through research. This document defines accountability and a process that shows where to look for vulnerabilities that affect [Client] and how to access [Client] personalized resources. By adhering to the following guidelines, [Client] keep abreast of new vulnerabilities, exploits, viruses and worms. The primary party responsible for complying with these procedures is the Risk Management’s Information Security Officer (ISO). Instructions for the frequency at which the ISO (or designee) should be checking these resources is listed below.

 

Source Documentation/Information

  • Cassandra Incident Response Databasehttps://cassandra.cerias.purdue.edu/user/logout.php A website developed by the Center for Education and Research in Information Assurance and Security (CERIAS). This site allows security professionals to build a profile that lists the vendors and OS’ that apply to their infrastructure. The site gets its information from the ICAT database maintained by NIST. This site is secured using SSL 128 bit encryption.

 

  • The Internet Storm Centerhttp://isc.incidents.org/ Supported by the SysAdmin Audit Network Security Institute (SANS), a website that takes volunteered IDS logs from around the world (Over 3 million) and makes the statistics available on the internet free of charge. This web site is good to see what the top ten scanned ports are and the top ten IPs they are coming from.

 

  • CERT Current Activityhttp://www.cert.org/current/current_activity.html The CERT Coordination Center (CERT/CC) was formed by the Defense Advanced Research Projects Agency (DARPA) in November 1988 in response to the needs identified during an Internet security incident. The CERT/CC is part of the Networked Systems Survivability (NSS) Program at the Software Engineering Institute (SEI), Carnegie Mellon University. The primary goal of the NSS Program is to ensure that appropriate technology and systems management practices are used to resist attacks on networked systems and to limit damage and ensure continuity of critical services in spite of successful attacks.

 

  • Secuniahttp://www.secunia.com/advisories The Secunia Security Advisories list is free and designed for the IT professional who wants one source of information about the latest software vulnerabilities and security fixes. This site ranks the vulnerability based on a 1 – 5 ranking. Outstanding site for justifying the need for patches or mitigation.

 

  • SecureFocus BugTraq Vulnerability Forumhttp://online.securityfocus.com/archive/1 The Bugtraq forum is a site that lists all correspondence relating to vulnerabilities that may or may not be verified. There is a process once items are entered into the Bugtraq Forum where CERT reviews submitted issues, evaluates them and gives them a candidate number. After thorough evaluation, if the candidate is a true vulnerability, it will receive a CVE (Common Vulnerabilities and Exposures) designation.


  • Microsoft Security Notification Service – http://www.microsoft.com/security/security_bulletins/decision.asp Microsoft TechNet offers the Microsoft Security Notification Service. These e-mail messages are geared toward IT professionals and contain in-depth technical information. This information will state the date the problem was found, what the problem is and how to mitigate the problem. In many cases the bulletins list “Mitigating Factors” that may make the vulnerability non-applicable or may heighten the need for action. The bulletins also have patch information available such as if a patch is available, where to get the patch and what the patch does.

 

  • SANS Newsbites – http://portal.sans.org/register.php The SANS NewsBites is a weekly high-level executive summary of the most important news articles that have been published on computer security during the last week. Each news item is very briefly summarized and includes a reference on the web for detailed information, if possible. Spend five minutes per week to keep up with the high-level perspective of all the latest security news. Each issue is delivered weekly by email, Free.

 

  • ICAT Databasehttp://icat.nist.gov/icat.cfm The ICAT Metabase is a searchable index of computer vulnerabilities. ICAT links users into a variety of publicly available vulnerability databases and patch sites. ICAT indexes the information available in CERT advisories, ISS X-Force, Security Focus, NT Bugtraq, Bugtraq, and a variety of vendor security and patch bulletins. ICAT is maintained by the National Institute of Standards and Technology. The ICAT DB is Uses the CVE naming standard.
Comments Off on Patch and Vulnerability Research Resources

Sample – Word – Insurance Policy Inventory

Posted in Business (600) by Guest on the August 8th, 2016

Word – Insurance Policy Inventory

Insurance_Policy_Inventory.doc

Comments Off on Sample – Word – Insurance Policy Inventory

Sample – Word Clinical – Role Based Access Actors and Key Use Cases

Posted in Business (600),O S (375),Security (1500) by Guest on the August 7th, 2016
Comments Off on Sample – Word Clinical – Role Based Access Actors and Key Use Cases

Sample – Word – Server Installation Request Process

Posted in Business (600),Data Center - SOC - NOC,O S (375) by Guest on the June 22nd, 2016

Word – Server Installation Request Process

Server_Installation_Request_Process.doc

Comments Off on Sample – Word – Server Installation Request Process
Next Page »