Copyright April 2006
The Ten Commandments
Computer downtime is a major cause of frustration and productivity loss. To minimise downtime, commence by performing an audit of the existing IT infrastructure (PCs, peripheral devices, Internet connection, email provider etc.) and documenting it accordingly. Then consider the following:
1. Install a dedicated server:
   a. All mission critical data should be stored on the server, including email accounts. Data should not be stored on individuals' PCs.
   b. Protect and secure mission critical data so that it cannot be maliciously or inadvertently deleted.
2. Define the user access rights. Establish and implement policies and permissions for:
   i. Local access
   ii. Wireless access: if wireless access is required, set it up in a secure manner (encrypted, SSID not broadcast)
   iii. Remote access: is remote access required?
3. Implement appropriate privacy and security procedures:
   a. Standardise the log-on process:
      i. Domain-based authentication
      ii. Establish user profiles and accounts as roaming profiles which are accessed from the server. This means you can open any PC in the practice and obtain your customised desktop settings.
   b. Passwords:
      i. Is there a master password list?
      ii. If so, why, and who has access to it?
      iii. How frequently are user passwords changed?
      iv. Is there a password protocol (number of characters, complexity)?
   c. Install tamper-proof security, antivirus and antispam software.
   d. Test periodically (e.g. http://www.grc.com/, http://www.tend-micro.com/ - Housecall).
4. Standardise software on all PCs:
   a. Install the same version of the operating system and other software, e.g. Windows, Office, security software etc.
   b. Automate the update process.
   c. Test 3rd-party software prior to installation.
5. Review the backup methodology:
   a. Methods:
      i. USB hard drives
      ii. DVD
      iii. Magnetic tape
      iv. Remote backup
   b. Where are the backups stored?
   c. What is the recovery process?
      i. Has it been tested?
      ii. How frequently?
      iii. Is it documented?
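The recovery test asked for in item 5c can be made repeatable with a small script. The following Python example is added here and is not part of the original document; it assumes the backup is restored into a scratch directory, then compares that restore with the live data by file hash and reports missing, extra and corrupted files, which is the evidence a documented recovery test should produce.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path


def manifest(root: Path) -> dict:
    """Map each file (path relative to root, '/'-separated) to its SHA-256 digest."""
    result = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            rel = str(path.relative_to(root)).replace(os.sep, "/")
            result[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return result


def verify_restore(source: Path, restored: Path) -> dict:
    """Compare a restored tree against the live source; list everything that differs."""
    src, dst = manifest(source), manifest(restored)
    return {
        "missing": sorted(set(src) - set(dst)),            # in source, lost by the restore
        "extra": sorted(set(dst) - set(src)),              # restored but not in source
        "corrupt": sorted(p for p in src.keys() & dst.keys() if src[p] != dst[p]),
    }


def restore_ok(report: dict) -> bool:
    """A recovery test passes only when every category is empty."""
    return not any(report.values())


def demo() -> dict:
    """Run the check on constructed sample data (hypothetical practice files)."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "source"
        (src / "patients").mkdir(parents=True)
        (src / "patients" / "records.db").write_bytes(b"constructed sample data")
        (src / "notes.txt").write_text("constructed note")
        # Simulate a restore that silently dropped one file and truncated another.
        dst = Path(tmp) / "restore"
        shutil.copytree(src, dst)
        (dst / "notes.txt").unlink()
        (dst / "patients" / "records.db").write_bytes(b"constructed")
        return verify_restore(src, dst)
```

Run `demo()` to see a failing report; point `verify_restore` at a real restore directory and the live share to test your own procedure, and keep the report with the date as the record that the test was done.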
6. Internet access:
   a. How much does the existing service cost and what are the specifications?
   b. Faster speeds are always desirable (ADSL 2+ is currently the fastest but may not be accessible in your area).
   c. Broadband for Health?
   d. When changing the ADSL service to another ISP, use another phone line to avoid any downtime.
7. Email & Web Hosting: consider hosting by a dedicated external provider (e.g. http://hosting.webcity.com.au/). Benefits include:
   i. Not ISP dependent
   ii. 24-hour access from anywhere
   iii. Ability to set up and modify user email accounts and groups
   iv. External spam filtering control
8. Develop an IT procedures manual containing:
   a. Equipment specifications: label all equipment by name and a static IP address (avoid dynamic IP addressing)
   b. Network topology
   c. All operating protocols (e.g. refer to www.sans.org/resources/policies/#template):
      i. Password policy
      ii. Access policy
      iii. Security policy
   d. Document absolutely everything (consider an on-line intranet).
9. Establish an ongoing maintenance process (proactive vs reactive; prevention is better than cure, which should sound familiar):
   a. Define and document 3rd-party support arrangements; retain and store all installation media and manuals.
   b. Consider purchasing spare equipment (PC, printer).
10. Provide regular staff training:
   a. Appoint one staff member (or doctor) as the systems administrator and train them to a higher level.
   b. Many IT problems are relatively easy to identify and rectify if staff have an understanding of what to do and where to look.
Key Messages:
1. Develop protocols
2. Standardise
3. Document
4. Educate
5. Review periodically