Tag: OS – Patch Management

Sample HPUX – AIX Backup- Recovery of User Files on Network Servers

Purpose To outline the use of network servers for storage, backup and recovery of user files. Scope Discussion: Employees who have Windows NT accounts also have a file storage folder allocated for their account on a network server.  This storage area is usually referred to as the user’s “U: drive”; and, when the user successfully… Continue reading Sample HPUX – AIX Backup- Recovery of User Files on Network Servers

Best Practices for Virus Protection

First and Foremost, Define your Security Policy Virus Protection has to be part of your security policy because viruses are security threats. What factors should you consider when designing security appropriate to your operation? 1. The number and density of personal computers If your company has many PCs or if there is a high ratio… Continue reading Best Practices for Virus Protection

HIPPA – Virus Prevention Plan

Purpose Computer anti-virus protection has the purpose of ensuring system integrity and substantially reducing the risk of data loss and business disruption in the event of a virus attack on Health Care Providers computer systems. It is the goal of the Health Care Providers that all viruses are detected and contained at the perimeter of… Continue reading HIPPA – Virus Prevention Plan

IT Manageability Life Cycle

Provision Discover and configure compute, storage and network elements to the operational state Monitor Discover, monitor, and alerting of  the ongoing state, health and performance of services Control Regular and preventative maintenance and service optimizations Fault Preventing, predicting and recovering operational state from faults Upgrade Change management, version control, & system staging End of Life… Continue reading IT Manageability Life Cycle

Predicting the future of Business and IT

“Some day on the corporate balance sheet, there will be an entry which reads information, for in most cases the information is more valuable than the hardware which possess it.”                         Admiral Grace Murray Hopper, United States Navy. Grace wherever you are ….. you were right !!!!

The Digital Divide

Provide for flexible secure coordinated resource sharing among dynamic collections of individuals, institutions & resources (a.k.a. virtual organizations). Increasingly complex and difficult to secure with traditional tools and methods. Landscape Emerging generations of eBusiness applications can be based on Web Services, layers of often incompatible middleware and computing platforms ranging from handheld wireless devices to… Continue reading The Digital Divide

Reduce TCO – Consider Virtualization

Server Workstation Applications Storage VMWare IBM Virtualization ZEN MS application Virtualization (App-v) Windows 7 Remote-App Windows 7 Roaming Profiles Windows 7 folder redirection Virtualize – Pano    MS System Center    MS Desktop Optimization Pack for Software Assurance    End User Benefits of desktop virtualization  

Most significant digital data issues

Responsible stewardship: effective recognition of the issue of sustained preservation & access Scalable, extensible and evolvable solutions for building and operating digital repositories in a networked world Trustworthy, verifiable methods for overcoming format obsolescence & providing sustained access to authentic electronic records Resources for digital preservation

Data Loss Prevention (DLP)

Learn from industry analysts, product experts, and customers to gain an understanding of how DLP solutions can help secure your sensitive information no matter where it resides in your organization. How Data Loss Prevention solutions fit into an overall information risk management strategy. How to discover, monitor and control sensitive information.  How to deploy enforcement… Continue reading Data Loss Prevention (DLP)

IT Challenges

  48% report a quarter or more of IT projects are delivered late 75% of Internet initiatives fail due to poor planning. 75% of e-business initiatives fail due to poor planning and lack of understanding of the technology. 38% report a quarter or more of IT projects are delivered lateMore importantly 60% of experienced knowledgeable… Continue reading IT Challenges

Backups alone are not enough

Poor policy management No Standards or procedures No indexing or search capabilities Poor segmentation Data is “clumped” on media haphazardly according to source time and place rather than according to policy Data sharing the same media cannot be truly expired Retrieval requests will bring back unrelated data Unworkable as everything we need archives for… Legal… Continue reading Backups alone are not enough

Sample Telco SLA Considerations

  Description Target % Dependencies Additional Comments Uptime/availability of critical Telecom systems       Uptime/availability of critical Telecom systems       Percentage of MAC reduction in Remedy       PBX availability:        Call volume:       International calls:        National  & Local:        Audioconferencing:  … Continue reading Sample Telco SLA Considerations

Common DOS/Windows commands and their Linux counterparts

  Copy a file  copy path1filename1 path2filename2  cp path1/filename1 path2/filename2  Copy subdirectory  xcopy path1. path2 /s  cp -R path1 path2  Delete a file  del filename  rm filename  Move a file  move path1filename1 path2  mv path1/filename1 path2      Rename a file  ren filename1 filename2  mv filename1 filename2  List a directory  dir  ls  Change directory  cd… Continue reading Common DOS/Windows commands and their Linux counterparts

Help Desk Enterprise Integration

Service Desk offers true enterprise-class integration services through its unique SNMP and SMTP Listeners. These powerful network listeners watch for alerts from enterprise management platforms such as Remedy, Landesk, CA Unicenter. Tivoli or HP Openview. When relevant events occur, trouble tickets can be automatically generated at the help desk.  From there the business rules that… Continue reading Help Desk Enterprise Integration

Anatomy of Audit Logging

The Information Security Forum’s (ISF) The Standard of Good Practice for Information Security (Version 4.1, January 2005) states that the objective for logging is “To ensure individual accountability and to enable incidents, such as access violations, to be investigated and resolved.” This is easy to state, but a major challenge to implement in heterogeneous environments… Continue reading Anatomy of Audit Logging

Help Desk – Change Controls considerations

Package software support Considerations: Third party development and/or maintenance Project Review by Management Restriction on Transfer to Production Documentation Change Control Procedures: Emergency Changes Segregation of Test and Production Approval of system testing Training in new systems Computer Operations Operations Procedures Supervision of Operations: Communications Management Documentation of Procedures Monitoring of Operations Network capacity review… Continue reading Help Desk – Change Controls considerations

Legacy Winlogon Initialization

During system initialization, before any user applications are active, Winlogon performs the following steps to ensure that it controls the workstation once the system is ready for user interaction: 1. Creates and opens an interactive window station (for example, aWindowsWindowStationsWinSta0 in the Object Manager namespace) to represent the keyboard, mouse, and monitor. Winlogon creates a… Continue reading Legacy Winlogon Initialization

Why COBIT

  COBIT resources should be used as a source of best practice guidance. Each of the following is organized by IT management process, as defined in the COBIT Framework. COBIT is intended for use by business and IT management, as well as IS auditors; therefore, its usage enables the understanding of business objectives, communication of… Continue reading Why COBIT

Service Level Expectations

Staff attrition makes it difficult to support heterogeneous environments: Applications impacted by data management Can’t proactively identify or address service issues  Limited tracking, reporting and documentation Standards perpetually emerging, impractical to implement Evolving technologies outdate policies, procedures Data expectations may not match existing policies No one wants their data deleted or sent offline    More… Continue reading Service Level Expectations

Increasing Data Growth

  Medical imaging, biotechnology imaging, geophysical engineering, digital media, databases, Physics, Digital animations, RFID / tracking, email: Multiple primary disks – raided / mirrored Multiple business continuance volume business continuance volume snapshots Replicated volumes Many generations of backups – onsite and offsite copies Additional extra copies “tucked away” (i.e. DB dumps)    Backup has this… Continue reading Increasing Data Growth

High level Antivirus Project Considerations

Expose us More Than in the past  Critical “E-Business” – Sales – Manufacturing – Development  Integrated (& Automated) Supply Chain  Concurrent Engineering  Increased Use of IT Contractors  Layoffs & Acquisitions (unhappy employees)    Background-Computer Viruses  Where do computer viruses come from? o Man-made, written by real people o Not… Continue reading High level Antivirus Project Considerations

Some Sample ITIL Domains

Service Level Management Service level management is the name given to the processes of planning, negotiating, co-coordinating, monitoring, and reporting on Service Level Agreements (SLAs). The process includes the on-going review of service achievement to ascertain that the required service quality is maintained and wherever necessary improved. SLAs contain specific targets against which performance can… Continue reading Some Sample ITIL Domains

Asset Management fix suggestions

Leverage asset technologies such as: WEBM CIMOM Asset discovery / management AV Assumptions: Reliable IP Controls Gold Standard system and releases ITIL Change controls ITIL CMDB Corporate overall governance https://www.bestitdocuments.com/Samples

Patch Management Dependencies

Technology and Business dependencies: eCommerce requirements Business processes Data Demographics Data Flows Application Development / testing Governance Policies, procedures, standards Compliances Technology dependencies: Active Directory (policies) Accurate DNS Accurate DHCP Accurate Asset Management Accurate IP Control Reliable Network infrastructure https://www.bestitdocuments.com/Samples

RFP Considerations for Acquisitions and Technology Dependencies

The needs that lead to a consideration of new acquisitions arise from an organization’s day-to-day Business objectives and business operations. Investment and work process analyses articulate these needs and may recommend process changes, procurement of a new system, or both. If procurement of a new system is an option, the organization enters Pre-Systems Acquisition. Analysis… Continue reading RFP Considerations for Acquisitions and Technology Dependencies

List of Suggested Security Awareness Raising Methods

The following topics are not organized in priority order; they are instead clustered by the type of communication involved.  Consider this list to be a menu from which appropriate activities may be selected.  The policy writer should not select just one or two of the following methods, but ten or twenty of them.  Repetition of… Continue reading List of Suggested Security Awareness Raising Methods