Does everyone really need to be in the Administrator role in the company? Indeed, is anyone running in such a role as a day-to-day norm? If so, it really is time to lock things down.
You can also do much to mitigate against either wilful or careless network browsing by carefully and selectively locking down firewalls and turning computers from being general-purpose devices into task-oriented machines.
For example, does the computer running the accounts package really need to have full internet browsing capabilities? Why not lock it down, both locally and on the main firewall, to help prevent accidental incursion of malware or other nasties? A little planning here, coupled with clear thinking and a structured logical approach, can do wonders to improve the network security profile.
Finally, if you run a desktop antivirus package, then make sure it has a single point of updating, and that all the desktops are kept tightly in sync. Discovering that a dusty unloved computer in the corner is actually a hotbed of malware isn’t the sort of thing you want to experience on a busy Friday morning.
Collaboration
Collaboration has been an industry buzzword for the past few years, as the software vendors try to lift the single desktop user into a productive group. Much of this has been hoopla and hype, and hasn’t warranted the investment, either in time or money.
Small investments in the global address list can reap huge benefits – there’s nothing worse than someone saying, “I didn’t get the email” because they were left off the list
But there’s much that can be done for little cost – for example, do you have internal mailgroups that allow you to send important material to all the salesmen? Or all the directors? Or the whole company? Small investments in the global address list can reap huge benefits – there’s nothing worse than someone saying, “I didn’t get the email” because they were left off the list.
Once you get this sort of collaboration working well, both using email and shared file space as the transports, you should think about true shared workspaces. But to make this a really seamless experience using solutions such as SharePoint, you’ll need a recent version of Office to get the full integration to smooth over the cracks.
There are online solutions – Microsoft has Live Workspace, for example. You can share documents in Google Docs, and so on. But both of these are more home-ware than work-quality solutions, at least in their current beta form. And they involve relying on services outside of your building, which puts more strain on internet connectivity than might be supportable.
Backup
It’s astonishing how many companies get backup wrong. There are three things to consider here. First, there’s backup and restore for recent data. Then there’s disaster recovery to bring back servers from the dead. Finally, there’s the role of archiving for long-term storage.
Each one has its own requirements, each one needs its own planning, testing and validation. You can merge several roles together if you want to, especially backup/restore and DR, but you must be sure that the requirement of each role has been properly considered, tested and approved. For example, finding that the tape drive can’t back up the servers within the overnight window can come as a shock. Discovering the tape drive can’t read tapes it’s written comes as a worse shock.
To adequately cover the ins and outs of this topic takes far more space than is available here: we’ll cover it fully in a later instalment of this series. Be in no doubt, some of the worst thinking in SMB IT is in the backup/DR/archive space, and many companies are clinging on by their fingertips.
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
