General discussion
-
CreatorTopic
-
November 23, 1999 at 7:50 am #2080057
Policies and Procedures
Lockedby jclassen · about 24 years, 4 months ago
I have recently accepted the position of Network Administrator for a small company of 35 users. We have NT 4.0 file server (no domain) with log in thru Win 95/98, Linux for email and Unix for internet, but no policies or procedures of any kind exist. I feel it’s important that something be set in place to maintain the security and veracity of the system, especially when it comes to Network administration, upgrading of equipment, software/hardware acquisition, internet/email monitoring , reportsetc. Can anyone point me in a direction that will be helpful?
Topic is locked -
CreatorTopic
All Comments
-
AuthorReplies
-
-
November 24, 1999 at 8:47 am #3901939
Policies and Procedures
by tmcclure · about 24 years, 4 months ago
In reply to Policies and Procedures
I have not found much out there to help. There are some books, but they seem to be out of date. They reference main frame issues.
I ended up writting my own. And after 3 years I’m still not done. Here are some issues you should cover:
Security
Software licensing
Harware/Software standards
User do’s and don’ts
Anti-Virus policy
E-MailIf you would like I will E-Mail you some copies to review.
-
September 8, 2000 at 3:36 am #3743876
Policies and Procedures
by jclassen · about 23 years, 6 months ago
In reply to Policies and Procedures
Poster rated this answer
-
-
November 29, 1999 at 5:23 am #3901874
Policies and Procedures
by mdwalter · about 24 years, 4 months ago
In reply to Policies and Procedures
I would recommend speaking with a management consulting company, such as The Gartner Group, GIGA, or Net Reference. They can provide you with an analysis of industry best practices, and help you integrate some policies into your specific organization (for a fee, of course 8-).
-
September 8, 2000 at 3:36 am #3743877
Policies and Procedures
by jclassen · about 23 years, 6 months ago
In reply to Policies and Procedures
Poster rated this answer
-
-
December 20, 1999 at 5:20 am #3900334
Policies and Procedures
by darlap · about 24 years, 3 months ago
In reply to Policies and Procedures
I recently purchased through Barnes & Noble a book called Information Systems Policies and Pricedures Manual and it has become very handly. It assists you in the table of contents and information on how to start it. The book was written by George Jenkins.
-
September 8, 2000 at 3:36 am #3743878
Policies and Procedures
by jclassen · about 23 years, 6 months ago
In reply to Policies and Procedures
Poster rated this answer
-
-
December 21, 1999 at 6:32 am #3900315
Policies and Procedures
by leblancd · about 24 years, 3 months ago
In reply to Policies and Procedures
There is an actual RFC (Request for Comments) reguarding this issue.
You can request a copy from the following address:
RFC-SERVER@ISI.EDU
.Internet Site Security Handbook
– 1st Line of TEXT = Retrieve: RFC
– 2nd Line of TEXT = Doc-ID: RFC1244
– for help – 1st line of TEXT = Help: Help – don’t send a second lineYou will get a 6 part reply in the form of the Site Security Handbook.
Its pretty extensive, and quite helpful. In any case, its a good starting point.-
September 8, 2000 at 3:36 am #3743879
Policies and Procedures
by jclassen · about 23 years, 6 months ago
In reply to Policies and Procedures
Poster rated this answer
-
-
February 8, 2000 at 5:56 am #3897374
Policies and Procedures
by tim.both · about 24 years, 1 month ago
In reply to Policies and Procedures
I have found a series of books from Prentice Hall Publishing called “Information Systems Policies and Procedures Manual” They send out supplement publications to keep up to date. They cover a wide range of topics.
-
September 8, 2000 at 3:36 am #3743880
Policies and Procedures
by jclassen · about 23 years, 6 months ago
In reply to Policies and Procedures
Poster rated this answer
-
-
February 11, 2000 at 7:26 am #3897264
Policies and Procedures
by kd_morand · about 24 years, 1 month ago
In reply to Policies and Procedures
This is a situation crying for the long under-rated partnership of training and quality assurance.
It’s a small company, but that should make it easier to talk to management about your security and administration concerns. If your budget permits, run a needs assessment on your own department, but – be careful to not appear to want users to avoid doing some things – just to lighten your load. Make sure each issue represents a real benefit to the users and the company.
Present the findings to management or QA, if they exist. If not, management will most likely give you the authority to “publish” the protocol as policy. Be prepared to field some short training sessions, in groups if necessary, to address users’ responses or questions.
-
September 8, 2000 at 3:36 am #3743881
Policies and Procedures
by jclassen · about 23 years, 6 months ago
In reply to Policies and Procedures
Poster rated this answer
-
-
March 4, 2000 at 7:26 pm #3898520
Policies and Procedures
by gangstalove · about 24 years, 1 month ago
In reply to Policies and Procedures
The thing to recognize is that this will be a process where you will achieve milestones, but will never end. The first thing you should do is get a book, such as IS Survival Guide, by Bob Wilson, to lay out the basics for you on topics such as change management, security management, and managing your manager. At the same time, you should be meeting with the department heads at your company to assess their business requirements. You should look for network related organizations in your area, andtry to get advice/mentoring from some of the more senior members. Chop this huge task up into smaller tasks. This makes it easier to mark your progress. The most important thing is to gather information and come up with the solutions that are best for your particular company. A boilerplate plan devised by someone else may work, but you will not get the results that you should.
-
September 8, 2000 at 3:36 am #3743882
Policies and Procedures
by jclassen · about 23 years, 6 months ago
In reply to Policies and Procedures
Poster rated this answer
-
-
June 1, 2000 at 2:53 am #3893208
Policies and Procedures
by mwb · about 23 years, 10 months ago
In reply to Policies and Procedures
I would take a more hands-on approach:
1. Visit another network and see how they do it. If you don’t know anyone, call up a training outfit and get a tour of their facility. They usually have a lot of good policies in place.
2. Start w/network security. Go to your local Barnes & Noble and thumb through “Hacking Exposed”. It is a multiplatform book written for managers that teaches you what every high-school hacker knows about your system.
3. Don’t skimp on equipment. I buy good Compaq servers and then I can get used parts for years that just wont die.
4. Most important – GET MANAGEMENT BUY-IN. No policy will ever work if you don’t.
5. Use common sense – have fun!-
September 8, 2000 at 3:36 am #3743883
Policies and Procedures
by jclassen · about 23 years, 6 months ago
In reply to Policies and Procedures
Awesome. Thanks for your reply!
-
-
September 8, 2000 at 3:36 am #3743875
Policies and Procedures
by jclassen · about 23 years, 6 months ago
In reply to Policies and Procedures
This question was closed by the author
-
-
AuthorReplies