DES MOINES
OMAHA
WWW.INTERNETSOLVER.COM
A White Paper from Internet Solver
“What if something
happened to your network
administrator? What if the
network administrator left
tomorrow? Would you
have the information
necessary to keep
everything running
smoothly?”
Internet Solver 11308 Aurora Avenue Urbandale, IA 50322 515.224.9229 12030 Pacific Street Omaha, NE 68154 402.431.54326 Things Your Network
Administrator Should Be
Documenting For You
This report outlines the information that should be documented on every network. Effective risk management for businesses and organizations is much more than obtaining the appropriate insurance coverage. It’s about documenting the information necessary to function in the event of a disaster or the loss of key personnel. Here, we outline the information your IT staff should be providing to upper management to ensure the ability to serve your core mission if that staff were suddenly unavailable.
WRITTEN BY:
LARRY PEDERSEN, PRESIDENT CONTRIBUTIONS BY:
JEANNE STEWART, NETWORK ENGINEER DORA GROTE, CLIENT TECHNOLOGY ADVISOR APRIL 18, 2011
ABOUT INTERNET SOLVER
Founded in 2002, Internet Solver is a leading provider of voice and data solutions to businesses and organizations throughout Central Iowa and Nebraska. We primarily service the small-medium business market of 10-100 users. Through effective utilization of technology and staff, we provide the functionality of a fully-operating IT department that is necessary to support your staff, secure your network and protect your data. Internet Solver serves as an honest and friendly advisor to ensure technology is positioned for business growth. Our relationships with our clients create a connection where long term planning, reporting, advising, and budgeting are part of the services provided through organized technology planning and reviews. Our employees are honest, friendly, thorough, professional, and accountable who listen to the real needs of our clients.
“We’re fine – we have an
internal person and
everything is running
smoothly”.
We have someone on staff…
One of my roles in the company is business development, continually reaching out to meet with decision makers to discuss the technologies currently in place in their operation and how they are managed. “We’re fine – we have an internal person and everything is running smoothly”. As I make phone calls and speak to business owners and managers, this is something I hear repeatedly. I can’t help but wonder if there is a false sense of security taking place. The first question I have is “If technology is not your core business, how do you know your IT person is taking full advantage of the technology tools available”?
Most businesses usually engage with a professional to review their internal accounting practices. You wouldn’t draft or sign a critical legal document without oversight from an attorney. You wouldn’t design a new building or facility without an architect. Yet, many organizations employ a network administrator to handle their most critical asset – their data and the network system - without any type of secondary review! Technology is not simply putting square pegs into square holes and round pegs into round holes….it’s designed to be modified to work with other applications and to fit each organization’s needs. Because of that, individuals often are able to manipulate and adapt systems until everything appears to be running smoothly. But is it? Is a potential “house of cards” actually being assembled?
Many times, that is not the case. However, on numerous occasions we’ve seen pending disasters. Again, this is not the fault of an internal administrator, rather it’s due to the lack of a support system to go to for input or guidance, lack of training on new technologies or simply, a lack of exposure to the numerous environments, solutions and best practices that a third-party organization sees from the larger base of clients that they are privileged to work with and be exposed to.
For the sake of argument, let’s assume that the internal staff you have in place is extremely competent (and most are), is well-exposed to new ideas and technologies, and adheres to a set of “best practices” to provide you with a solid, secure IT system for you. There is still a potential risk in this… Many times a large piece of the intellectual knowledge regarding the network (passwords, configurations, unique setups) is carried around in that person’s head, not documented for longevity. And, if that person suddenly becomes unavailable to you, that information is gone…… sometimes forever. The key then, is to determine what information needs to be documented and where it should be kept.
1. Gather passwords
2. Store securely
3. Update Regularly
1. Passwords
Passwords – This is the first thing that comes to mind for most people. What unique passwords does your internal administrator use on the network? You might be surprised at how many passwords are used on the multiple applications in use on your network. You also might be surprised at the lack of creativity/security with the actual passwords used (but that’s another subject). You should have on file, a complete list of all passwords used by your IT staff for the network and key application found within. These include your “internal” system:
Administrator password for network
Firewall
Backup Software
Anti-Virus Software
Anti-Spam Software or Appliance
Line of Business (LOB) applications
There are also probably passwords that apply to “external” components (web-hosted applications, control consoles, vendor resources)
Online backup
Technical support websites
Internet Service Providers
Vendor Websites
Once you’ve been able to obtain a list of critical passwords the next question is “Where should these be kept”? After all, passwords are for security so they need to be available to a select few and kept in a secure location. Whether it’s electronic or hard copy, determine a secure location that is known to the appropriate parties.
Finally, like any documentation kept, it can become outdated. Schedule this for review at least annually with the understanding that your network staff should immediately provide you with any new passwords as systems are updated and anything is revised.
2. Key Vendors
Until they begin listing all vendors relied upon for key network
applications, peripherals and services, most people have no idea just how many different parties come together to provide a complete working network. Frequently, the network administrator is the only person having contact with some of these vendors and without a complete listing, precious time is lost trying to figure out “who did we get that from?” A Key Vendor Listing should at least include the following:
ISP(s) utilized for internet access
Phone provider
Application providers
Document imaging (copiers, printers, scanners)
Security / Surveillance
Product Providers
Phone Provider
Once your list has been established, identify a second contact to be named with each of these vendors.
“
A picture paints a thousand
words”
3. Applications and Renewal Dates
Many times, applications are reliant upon annual subscriptions for product updates as well as technical support. Having this information together along with renewal dates can be invaluable. These may include:
Accounting system
Anti-Virus
Backup software
LOB applications
Firewall support
Warranty extensions on servers and key components
Circuits (This can be a source of savings as agreements expire – new circuits are typically available at more attractive rates)
4. Special Configurations & Settings
There are also certain settings that would be unique to your network, applications and user settings for remote access, data routing, peripheral access and other key functions. The unique settings should cover the following areas:
Router and/or firewall
Group Policies for users
Peripheral settings (printers, etc.)
Workstation settings
Key application settings and preferences
Wireless settings
A good idea is to maintain installation screenshots or instructions sets as well as backup files for configuration purposes.
5. Network Diagram
We’ve all heard the phrase “A picture is worth a thousand words”. This applies to a network diagram. If someone unfamiliar with a network is suddenly asked to help configure or troubleshoot an issue, there is no faster way for them to understand the basic configuration of a network than to have a network diagram that accurately depicts the key components found within the network.
If your administrator does not have access to a program such as Visio, they can simply either draft a diagram by hand. A network diagram should minimally have the following items detailed:
Server identifications
IP Scheme
Firewall identification
ISP / Communication links
Branch / Remote locations & users
Wireless Configurations
6. Other Items
Often, administrators are responsible for anything wireless or “with a cord”. Document all unique areas that this may cover including:
Smart Phones
Phone System, PBX, VoIP
Imaging (printers, scanners, copiers)
Television
Cable
Satellite
Facilities
Regular Updates
This has been mentioned before, but it bears repeating……perform regular reviews to ensure your information is updated and accurate. Minimally, this should be done on an annual basis or preferably, it should be done semi-annually. Ideally, this would be reviewed by a third-party. Having a third party review of your information positions a new set of eyes to look over the information and to actually test the validity of the
information. Do the passwords work? Are the instructions and configurations accurate? Could an outside party actually access the necessary components of the network if they were called in to assist?
“We can enhance their work
by placing an entire IT
department at their disposal”
What we can do for you
If you have an internal staff member designated for daily network support, we can enhance their work by placing an entire IT department at their disposal.
Imagine that person having a help desk, engineering services and a virtual CIO available to assist with work overload, difficult issues that need “an extra set of eyes”, technology research and planning, advice based upon over significant experience and exposure to multiple environments, technologies and manufacturers.
By partnering with Internet Solver, you could be positioning your internal position for success. At the same time, you gain the benefit of our years of experience and defined best practices that can reposition your IT
environment to serve your organization.
Having us there to compliment your staff means that they can now take vacation and not perpetually be on call. It also ensures that in the event of a catastrophe, the information has been documented and is not lost with that individual.
Protecting your network and ensuring the security of your data is a
tremendous responsibility that should not be underestimated. We’ve helped to identify items to be documented in this white paper. Now, it’s up to you to determine who is best suited to document and protect this information for the benefit of your organization.
If you would like more information about our company or are interested in having Internet Solver assist with documenting your network, contact us by sending an email to sales@internetsolver.com or call us at 888.368.6911.