This article is aimed more for the I.T. Professional than for the layperson, however the fundamentals can be applied to many areas outside of Information Technology.
There are many areas in I.T. where poor documentation is a pain point. Most often the first experience people have with this problem is in programming; code that is poorly annotated can be fine if you’re the only one working on a program and you know all the ins-and-outs of what you’re doing (though some would argue that even in this situation good notes will make things easier in the long run), however when you begin to work in a team environment where more than one pair of eyes has to look at the code, good notes become imperative to the success of the team.
This is not a phenomenon that is limited to programming. I have witnessed huge numbers of hours lost trying to reverse-engineer a system that was poorly (or not at all) documented. Occasionally some of these systems have to be completely rebuilt from the ground up in order to resolve some issue that can’t be tracked down, resulting in large expenses of both time and money. I have also often been called in to address issues left behind by an employee who has left an organization suddenly and there is little or no clue as to what said employee was actually doing (either through laziness, or in a misguided attempt to attain job security by being the only one who understands the systems they support).
In all of the above situations, it is fairly obvious how good documentation would help. However, in my experience many I.T. professionals and managers don’t realize that good documentation can also make a more nimble and efficient I.T. organization, especially in lean environments.
When systems are properly documented, organizations aren’t stuck with resources that can’t be reassigned because they are the only ones who can maintain their area of responsibility. Good documentation allows you to cherry pick your best talent for important projects without worrying about the “hole” that will be made in the organization by that personnel being reassigned. Training new hires becomes a lot easier when there is a good set of documented policies and procedures in place for any duties a trainee will be learning.
Getting there can be a challenge; leadership has to cultivate a culture of documentation. Projects cannot be signed off as completed without good documentation being in place. Documenting becomes a part of implementation, and not something done after the fact.
This can be made easier by getting the staff to buy in and understand that documentation works to everyone’s advantage. One of the biggest hurdles is overcoming the all too common belief that hording information about processes and systems is a way to obtain “job security”, it should be pointed out that this behavior has a side-effect of getting one stuck on the corporate ladder.
Good documentation can make all the difference in your I.T. environment, it’s not just for coders anymore!
Wednesday, February 24, 2010
Monday, February 15, 2010
More Adobe Security Holes - Can't Catch a Break!
Adobe - Security Bulletins: APSB10-07 Security Advisory for Adobe Reader and Acrobat
Adobe has released the above security bulletin warning of more holes in its ubiquitous Flash and Reader applications. This comes on the heals of patches that were released almost exactly one month ago, to address other critical security holes.
Updates from Adobe will be available tomorrow, so be sure to patch your Adobe Reader (open Reader and click on Help -> Check for Updates...) and Flash (download here) first thing in the morning.
Adobe has released the above security bulletin warning of more holes in its ubiquitous Flash and Reader applications. This comes on the heals of patches that were released almost exactly one month ago, to address other critical security holes.
Updates from Adobe will be available tomorrow, so be sure to patch your Adobe Reader (open Reader and click on Help -> Check for Updates...) and Flash (download here) first thing in the morning.
Monday, February 8, 2010
Microsoft Patch Day
Microsoft Security Bulletin Advance Notification for February 2010
Microsoft has announced that tomorrow they will be releasing several patches to fix two dozen bugs and vulnerabilities in their Windows and Office software. If you are running XP you will have five critical OS updates, if you are running Vista or Windows 7 you will only have three.
If you want to get the patches as quickly as possible, I'd recommend running Windows Update or Microsoft Update first thing Tuesday morning. If you want to wait and install them overnight, make sure that your auto-update is turned on and leave your computer on overnight to patch it.
Microsoft has announced that tomorrow they will be releasing several patches to fix two dozen bugs and vulnerabilities in their Windows and Office software. If you are running XP you will have five critical OS updates, if you are running Vista or Windows 7 you will only have three.
If you want to get the patches as quickly as possible, I'd recommend running Windows Update or Microsoft Update first thing Tuesday morning. If you want to wait and install them overnight, make sure that your auto-update is turned on and leave your computer on overnight to patch it.
Wednesday, February 3, 2010
iPhone Patch Released - 3.1.3
It's time to patch your iPhone and/or iPod. Apple released a patch last night that addresses several vulnerabilities in the iPhone OS, some of these vulnerabilities already have exploits that are out "in the wild".
To patch your device, hook it up to your computer and launch iTunes and it should find the update automatically. If it doesn't, click on your iPhone or iPod icon and click the Update button, then follow the prompts. Depending on your Internet connection, the update can take about 10 to 15 minutes to download (longer on slower connections) and it takes another 10 minutes to do the install. During this time you will be unable to make or receive calls.
To patch your device, hook it up to your computer and launch iTunes and it should find the update automatically. If it doesn't, click on your iPhone or iPod icon and click the Update button, then follow the prompts. Depending on your Internet connection, the update can take about 10 to 15 minutes to download (longer on slower connections) and it takes another 10 minutes to do the install. During this time you will be unable to make or receive calls.
Tuesday, February 2, 2010
Change Your Twitter Password
According to several reports this morning, there's been a widespread phishing attack targeting Twitter accounts. One of the company's founders is recommending that users change their passwords to protect their Twitter account.
Note that if you use the same password for other sites, you may want to change those to. I usually recommend that you use a different password for each application so that none of them are shared, that way you don't have to worry about changing all of them if one is compromised.
This touches on one of the points in a recent post of mine, where a URL is sent to a user (in this case a URL purporting to belong to twitter that actually goes to a malware site using the old http://twitter.badsite.com trick) and when the user enters their login information it is harvested. Please be careful when you receive emails with links like this, especially if you're usually logged in to your social networking sites and all of the sudden you are being prompted for your credentials... this should make you suspicious. Sophos is reporting that these types of attacks have been on an upswing lately.
So instead of it being "follow friday" it's "threat tuesday", change your Twitter password today!
Note that if you use the same password for other sites, you may want to change those to. I usually recommend that you use a different password for each application so that none of them are shared, that way you don't have to worry about changing all of them if one is compromised.
This touches on one of the points in a recent post of mine, where a URL is sent to a user (in this case a URL purporting to belong to twitter that actually goes to a malware site using the old http://twitter.badsite.com trick) and when the user enters their login information it is harvested. Please be careful when you receive emails with links like this, especially if you're usually logged in to your social networking sites and all of the sudden you are being prompted for your credentials... this should make you suspicious. Sophos is reporting that these types of attacks have been on an upswing lately.
So instead of it being "follow friday" it's "threat tuesday", change your Twitter password today!
Subscribe to:
Posts (Atom)
Posts
