IT Manager's Handbook: Getting Your New Job Done (87 page)

security
vs.
privacy
vs.
convenience,
207

threat types,
224–226

Security management

basic actions,
209–214

care when web surfing,
214

common weaknesses,
210
b

employee impact,
214

needs, exposures, defenses,
209–212

risk analysis,
210–211

risk analysis tools,
211

risk management,
210
,
211

securing users,
213–214

security audits,
209–210

security as ongoing process,
214

upper-level management buy-in,
212

user training,
213

white hats,
211–212

Security software, characteristics,
136

Security solutions

authentication,
219–220

authentication methods,
220

authorization levels,
218–219

challenge–response authentication,
219

identity management,
220

single sign-on,
219–220

two-factor authentication,
219

Security technologies

access reviews,
218

account usage,
216

control access,
215

passwords,
217–218

special privilege IDs,
218

tracking activity,
214–219

Self-reviews, employee performance,
50

Self-service identity management,
220

Servers

client/server software type,
136

first 100 days,
23

per server licensing,
146

technical environment,
192

Service Level Agreement (SLA)

basic considerations,
283–284

first 100 days,
23

good SLAs,
284

outsourcing agreements,
185

positive values,
283

staff help,
283–284

vendor contracts,
176

Service providers, project planning,
113–114

Service requests

authorization levels,
218–219

intranet uses,
294–295

vendor evaluation matrix,
179

Shipping and Receiving, project stakeholders,
108

Short-term focus, management
vs.
leadership,
13

Short-term project management, employee performance reviews,
47

Single Sign-On (SSO),
156
,
219–220

SIRT,
See
Security Incident Response Team (SIRT)

Six Sigma,
241–242

Skill building

employee performance reviews,
46–47

performance reviews,
52–53

Skill inflation, self-review of performance,
50

Skill set, candidate selection,
92

Skype,
180

SLA,
See
Service Level Agreement (SLA)

Slack time,
119

SMART, performance reviews,
53

Smart phones

empowered users,
292

iPhone,
See
iPhone

securing users,
214

Social engineering

computer security,
209

Help Desk staff training,
282

as threat type,
225–226

Social media

connectivity uses,
295–296

tool implementation,
299–300

usage guidelines,
300

virtually private tools,
298–299

Social networking

as connectedness technology,
289

connectivity issues,
290
t

team management,
33

tool implementation,
299–300

Soft costs, project funding,
130

Soft sciences-related degrees, candidate selection,
97

Software

budget items,
162–163

call tracking,
278–279

cloud computing,
See
Cloud computing

consumerization of IT,
272

end-user upgrades,
269

enterprise applications,
See
Enterprise applications

ERP,
See
Enterprise Resource Planning (ERP)

IT issues,
201

job requirement flexibility,
94

maintenance budget,
171

mobile user support,
274

operating systems,
See
Operating systems

OSS,
141–142
,
141
t

project costs,
131

technical environment,
193–194

tracking tools,
194–195

types,
135–136

Software as a Service (SaaS),
149
,
151

Software and Information Industry Association,
145

Software licensing

basic issues,
145–148

cloud computing,
151

consolidation on purchases,
147–148

GNU free software,
144
b

maintenance/support plans,
147

Microsoft EULA,
144
b

models and types,
146

negotiations,
147

types,
144–145

vendor evaluation matrix,
177

Software management

basic considerations,
142–148

deployment,
142–143

deployment tools,
143

desktop lockdown,
144

disk cloning,
143

e-mail,
153–155

standard disk image,
143

TCO,
142

techniques,
142–144

user-downloadable software,
143

Software patches, ongoing maintenance,
222

Software updates

deployment tools,
143

ongoing maintenance,
222

SOX,
See
Sarbanes–Oxley (SOX)

Spam,
153–154
,
208

Special privilege IDs, security technologies,
218

Spoofing,
208
,
225

Spyware,
208

SQL Server, DBMS,
135

SSA Global, ERP,
157

SSCP,
See
Systems Security Certified Practitioner (SSCP)

SSO,
See
Single Sign-On (SSO)

Staffing issues,
See also
Hiring

behind-schedule projects,
125

budgeting factors,
171

cost management,
180

encouraging questions,
33

Help Desk

overview,
281–282

specific considerations,
281–282

staff size,
282

training,
282

security defenses,
223

SLA help,
283–284

Standard CMMI Appraisal Method for Process Improvement (SCAMPI),
240

Standardization,
151
,
201
,
240–241

Standards, technical environment

basic considerations,
199–201

IT issues,
200–201

IT standards,
201

user issues,
199–200

Stand-ups,
34

Stoll, Clifford,
225

Storage

disk/tape encryption,
222

technical environment,
192

Strategic alignment, IT governance,
239

Subcommittees, decision-making techniques,
123

Subscription licenses,
146

Summary updates, project progress tracking,
121

Supply requests

budget items,
163

intranet uses,
294–295

Support Center,
See
Help Desk

Support issues

consumerization and handheld devices,
272–273

depth and breadth,
273

vs.
maintenance issues,
171

mobile users,
274–275

vendor contracts,
176

vendor evaluation matrix,
179

Support plans, software licensing,
147

Surowiecki, James,
293

Surveymonkey.com,
280

System log files, tracking activity,
215