Information Management - Best practise

[Genedril]

Right...... This isn't exactly technical but I'm hoping that someone who lurks in here will provide me with a link.

My current consulatancy role has stretched a little further than the initial - our network is screwed here's some money 'go fix'. It's become - all our IT is screwed 'help'. One thing they have an issue with is the fact that they don't use any sort of folder structure on their file server. Everything is in their 'My Documents' folder & then they grant access on whim to all & sundry for the whole folder (staff get no say in this).

I'm trying to explain to them that this isn't just far from Best Practise, it's also got legal implications (DPA & European Human Rights laws related to 'Expectations of Privacy').

I know it's wrong but when I try & explain that to them they either glaze over; accuse me of being too technical (I've done my best not to be); or say what's the problem - why should we change.

Does anyone have a link to some sort of Best Practises for Information Management sort of thing? I've Googled (as every IT bod in trouble always does) & found out about best practises for Web servers / Database structures / etc, but nto what I need.

Obviously I need it in a low tech easy to understand (or at least not technical in any way) sort of format.

Bonus cookies to anyone called Jim who fixes this for me.

 

[Gahn]

So you telling me that they ain't using any kind of directory/folders structure?
Best way to convince em that it's needed both privacy and security related is to simply get a bunch of files and drag and drop em on a random desktop ^^
Then tell em "Now go and find em".


On a more technical note i tend to create Shared Folders for every Team and give permissions to Admins and Team members, then i proceed to create Shared Folders for Collaboration (cross permissions between Teams), then put up DFS and create a Global Share for the entire Domain (like FirmName).
So everywhere they can just open \\FirmName and the whole lot of available Shared Folders show up.

I'm afraid you won't find anything that's not medium to high technic on the argument, take a look at this tho since it gives the top perks about it:
http://i.i.com.com/cnwk.1d/html/itp/onstor_taneja_server_consolidation_final.pdf

 

[Genedril]

That's exactly it mate, it's a bleeding nightmare. They've got duplication, redundant files, wrong versions being used & people frequently delete stuff (whole chunks of stuff) in other peoples 'My Documents' folders by accident.

I've set up an example with DFS & shares & they looked at it as if I'd practised some sort of Black Magic while locked away in my office. Maybe I should have taken off my wizards hat & robes before I showed it to them.

I'll read that document & see what they might make of it - cheers again.

 

[phlash]

My current consulatancy role ... It's become - all our IT is screwed 'help'.

...what's the problem - why should we change.

Cut & paste those two lines into several documents at random - particularly ones going to shareholders?

Can you perhaps motivate the 'staff who have no say' by showing them how much easier their job(s) could be? Or get some reports from close to home to prove 'whats the problem'.

It can be a total arse getting seniors to understand the day to day issues, how about calculating some cost savings for them too?

 

[Bob007]

phlash hit the nail on the head tbh.

Change your aproach, "what's the problem - why should we change." because change = less money you have to spend. Hell go all out and price some stuff up, time it takes to recover lost data in the current system x hourly rate and make your way cheaper. Technical stuff just makes management want to chew there feet. But money is the bottom line. It always wins out. Type it all up even with pictures and slides, management like slides, send it to the boss, then bang your head against a brick wall for a bit.

Lend mine ^^

Ohh and read dilbert, best insight into management known to man

GL

 

[Kryten]

Nothing more constructive to add other than a very simple few.

"Please refrain from leaving laptops on car back seats, loaded with secret stuff."

"Please refrain from leaving USB pens loaded with private/secret/confidential data on public transport."

"Please don't flog our hardware on Ebay."

 

[Genedril]

Nothing more constructive to add other than a very simple few.

"Please refrain from leaving laptops on car back seats, loaded with secret stuff."

"Please refrain from leaving USB pens loaded with private/secret/confidential data on public transport."

"Please don't flog our hardware on Ebay."

They have no concept or care of security. I'm glad I'm just there to sort out their current issues. Comical moment was when I forced them to sign a disclaimer saying I would bear no responsibility for anything ever before I would turn off the passwords on all company Blackberries. They didn't even bother to read the thing before they scrawled on it. I'd even told them they should seek external legal advice before doing signing the document & they just looked at me as if I was being obtuse.

 

[Kryten]

Exactly the sort of attitude that makes people like us have to think about security for them. Makes you sick to think people care so little in general about it, even when it's a matter of national security or company/corporate face/security etc. But that's why they give folks like yourself jobs, to think for them.
But as long as you cover your own back like you did there, you should be fine. Just seems everything these days has to have a disclaimer to make sure whoever is dealing with something isn't going to get sued for something that's not their fault.

"I'm suing you because you failed to think on my behalf."

I suppose we have to look at things in a positive light, whilst there may not be a class system to speak of, there's certainly a pecking order in intelligence which often makes us feel a bit better
There's nothing wrong in asking for help, that doesn't make someone less intelligent than anyone else, ignorance however, does.





*** Disclaimer. Read this post at your own risk. Failure to do so may result in a testicular deformation from foot-induced friction and/or contact.

 

[inactionman]

Lol! And I spend all my time hitting IT people around the head and trying to get them to maintain decent levels of security.

You would have thought that things like network access control, centralised audit trail management, network compartmentalisation, documenting system configuration with decent change management and controlling administrator access/not trusting the feckers too much would be standard practice now accepted by all IT people, but no apparently not...