Hello,
This is a Huge subject and policies procedures etc are influenced by
company, requlations (SOX, HEPPA) & Managment willigness to support your
initiative, here are some suggestions.
1. Reduce number of server admins & restrict admin rights to absulute
minimum.
2. Employ monitoring software such as Whats up Gold, MOM, SMS Insight
manager etc for alerts, automate where possible.
3. Tighten Phsical Security in server room.
4. Remove PC-Anywhwere type of access, limit console access via Raritan in
as few location as possible-Group server access by Group Responsible.
5. Document DR requirement per server and develop procedures and testing
frequetly.
6. Devise comprehensive Data retention, backup offsite\onsite restore and
Tape policies.
7.Test restores Freqently, may be offsite, address shortcoming and develop
written plan.
8.Snapshot, replcate and clone important data when possible.
9. Create and Maintain comprehensive documentation on Serverlist,
including installed app, group responsible, oncall list, off hr support &
lable everything possible.
10.Have change\reverse procedures for servers, hardware, application &
develop a test enviroments.
11.Have Offhrs operations staff for routine works & train them to monitor
servers etc.
12.Develop Patch managment\updates.
13. Whenever possible enable heighest possible support for technology in
use & retire older technologies servers\hardware asap, have fall back plan
in place.
14. Review and understand your domain\DNS, Wins, DHCP, AD
servers\processes and document recovery\fallback, build in redundency &
failover.
15.Work closely with Network, security to understand infrastructure and
any changes that would impect you.
16.Reduce number of servers to minimum and enable vertulization
technologies where possible, i,e VMWARE, Cloning, Ghosting etc.
17.If you dont have first level support now, implement if you can Help
Desk support & train staff.
18.Have Auditors go through your ducumented procedure and check for
compliance with company, legal requirements.
19. Plan ahead and budget years in advance for any new technology
introduction.
I hope that this is a good start, you will need penty of help and support,
think of this as long term plan and dont have to do everything at once.
HTH
To sign off this list, send email to listserv AT listserv.temple DOT edu and
type "signoff networker" in the body of the email. Please write to
networker-request AT listserv.temple DOT edu if you have any problems with this
list. You can access the archives at
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
|