T2P Hiring, Sourcing & Staff Management News

Eight free IT outsourcing templates

2009-11-09T22:21:58Z

Get help structuring our next outsourcing deal with our link library of templates spelling out the best way to arrange SLAs and RFPs.

DOD approves new credentials for security professionals

2009-11-09T23:16:43Z

InfoSec News: DOD approves new credentials for security professionals: http://defensesystems.com/articles/2009/11/04/dod-approves-new-security-certification.aspx
By Kathleen Hickey Defense Systems Nov 05, 2009
The Defense Department has approved new credentials for information security professionals. The directive is expected to result in more than [...]

How to Compare Patch Management Software

2009-11-09T05:00:00Z

Patch management software helps organizations acquire, test and install code to fix known vulnerabilities in operating systems and applications. It also helps them assess exposure and prioritize patches (given your specific environment), identify missing patches that need to be remediated and produce real-time reports for compliance and other auditing needs.

Outsourcing - how to make sure it's reliable

2009-10-19T13:33:01Z

Outsourced IT is of little value if it's not reliable. William Benn offers advice on how to make sure you can count on your technology.

Last month I wrote about the critical dimension of security when outsourcing IT. Security ensures a safe environment in which the technology can operate.

Naked CIO: Social networks are useless for finding a job

2009-11-04T10:00:00Z

While social networking sites can be fun for connecting with family and friends, they're no use when it comes to professional networking, says the Naked CIO.

It used to be that social networking websites were a perfect place to collaborate with colleagues, bring together like-minded people and make professional contacts who could enhance your career. But no more.

Is Separation of Duties in IT a Help or a Hindrance?

2009-10-26T13:58:43Z

As companies and organizations grow in size, departments internally supporting the business grow as well. IT of course is one that must scale to accommodate business needs. If your department is small, it’s very likely that you know how all the components in your IT infrastructure are configured, what they are, what they do, and so forth. You know not only which servers host what resources, but know about the configuration of users in Active Directory, you may be responsible for provisioning those users, and for setting them up with VPN access, server access, and other actions unrelated to configuring the user in Exchange or giving them a mailbox as well as a login. You may be thinking, “Of course, Clemmer, but doesn’t everyone know about all the elements in a network and how the interrelate with email?”

Well, in larger organizations both operational responsibilities and security policies make the separation of duties for IT staff a reality. What does this mean? Well, the person who manages the firewalls and configures rules to allow email traffic between company sites or business units is very likely not the same email admin who is going to configure the SMTP connector or inter-site replication. The staff member that gets information from human resources and provisions accounts is likely not the same staff member that builds out hardware for servers, or configures desktops or notebooks for the new users. The security staff that manage proxies, load balancers, network anti-virus solutions and other security solutions are not the ones that will perform tuning and regular maintenance to your email servers, in most all cases. If you have backup and storage managed by a separate group in the IT staff, they may or may not know the specifics of backing up an Exchange database or server.

What will all the results of this separation of duties be? Will things work better or more poorly? Are you already in this sort of situation and frustrated that nothing seems to get done and that things take many times longer than they used to or seem that they should?

If you are a growing organization and thinking of separating duties and responsibilities because of workload, security, expertise, or all three, consider carefully what the impact will be. When one group does not know what another is doing, when, or why, it can make otherwise simple changes into boondoggles. Scheduling with clear communication between groups of planned outage times, priorities, and potential risks of course are important. Clear communication sounds easy, but when everyone is busy with their own work sometimes we forget that not everyone knows what we are doing and that everyone else may not have read every single email before they left work for the weekend, especially if the email was about another group’s project. When things do go wrong and problems erupt, affecting systems unexpectedly, is there a well-understood escalation process and means of contacting the staff needed to troubleshoot and resolve things? Monitoring systems and automatic email or text alerts are great as long as those systems can function properly and they have a connection outbound to the Internet and from there to you when the crisis happens.

Recently we discovered at one location that backups for some systems had not been running for a long time. No alerts or warning about that, because the backups weren’t configured in the first place. A few days later we discovered that some of the systems were not being monitored for performance at all, although there was monitoring software available and a plan was in place, it just wasn’t happening. These things went unnoticed by the staff directly administering and supporting those systems, because they did not have administrative or even read-only access to the backup technology or the monitoring solution. The staff did not have the means to even look and see if these important functions were active and operating as assumed. The problems have been corrected, and going forward, the staff has been granted access to check that the backups and monitoring are operating. This is an example of where separation of duties was problematic. The lessons learned were that we can’t assume that others know what we want, and that we should verify things. Just trusting someone in another area’s word that something is true isn’t enough–”show me” works better.

Organizations can be and will be so large that any one IT staffer simply can’t know everything about everything. The field is becoming complex enough that this is no longer possible. For large organizations, it’s not possible to have the same group manage every IT service. Since this is the reality, we are left with the task of ensuring that the different IT roles can and do work best together. As an email admin you may discover that you know more and more about less and less of the whole IT infrastructure. Just don’t take it to the point where you know everything about nothing!

Liked this post? Get more email management and administration related news from TheEmailAdmin.com!

Is Separation of Duties in IT a Help or a Hindrance?

Keep Your Outsourcing Provider Hungry for Your Business

2009-10-13T18:49:00Z

IT leaders are increasingly turning to multiple outsourcing vendors to obtain application development and maintenance services. They're finding that spreading their application development and maintenance work across, say, three vendors makes more sense than having a single provider perform all of the work.

Outsourcing Industry Mergers Spell Bad News for IT

2009-10-21T18:12:00Z

IT services industry watchers say the question is not if, but when the next big merger between outsourcing vendors will happen.

Opinion: IT is not the mailroom

2009-11-02T11:00:00Z

Paul Ingevaldson predicts that the companies that underperform when the economy recovers will include those that outsourced IT.

IT Security Outsourcing in Decline

2009-10-28T04:00:00Z

Seventh Annual Global Information Security Survey: Companies that once outsourced many IT security controls have opted to do more in-house. A look at what caused the shift. (Third in a four-part series)

Employee Communication: How to Calculate the Cost

2008-09-25T04:00:00Z

Tips on building a cost calculator to estimate what communications costs will be for moving or adding employees.

CFOs Find It's Nice to Share, within Limits

2009-10-27T20:00:00Z

Finance departments are continuing to move functions to offshore shared-services groups but are stopping short of full globalization.

Inefficiency as a Standard in Product Information Management - Information Management

2009-10-30T09:53:36Z

Inefficiency as a Standard in Product Information Management
Information Management
Streamlined data governance and controls lead to increased data availability, integrity and security as well as improved regulatory compliance. ...

Vendor sues Gartner over Magic Quadrant

2009-10-22T02:13:02Z

Small email archiving vendor ZL Technologies has sued Gartner over the content of a magic quadrant, a case that has some CIOs thinking about the way they use analysts.

Outsourcing Industry Mergers Spell Bad News for IT

2009-10-21T18:12:00Z

IT services industry watchers say the question is not if, but when the next big merger between outsourcing vendors will happen.

How to Royally Foul-Up an IT Outsourcing Project

2009-10-15T04:00:00Z

Outsourcing Virginia’s IT operations to Northrop Grumman was supposed to put the state’s network beyond politics, overhaul and standardize it and improve operations, but the effort has failed in almost every respect.

Profile of an IT Forensics Professional

2009-10-19T04:00:00Z

A snapshot look at the IT forensics profession from the perspective of Rob Lee, an IT forensics expert at Mandiant.

Cautious Optimism Guides CIO Hiring Plans

2009-09-02T04:00:00Z

Industry watchers expect the worst is over in terms of IT layoffs as many companies re-assess current staff levels and begin to slowly fill holes in high-tech skills within their organizations.

Beware of cloud computing consultants who focus on infrastructure - InfoWorld

2009-10-19T10:01:25Z

Beware of cloud computing consultants who focus on infrastructure
InfoWorld
Those are fine for the infrastructure component of your cloud strategy, but by themselves they do not address data, governance, security, and so on. ...

and more »

Getting a grip on multivendor virtualization

2009-10-14T10:00:00Z

Segregating vendors into different 'buckets' works for only a little while; at some point you'll need to figure out how to manage all of it cohesively. Here are some pointers.