Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

10 ways to keep the lights on in IT during the holidays

$
0
0

10 ways to keep the lights on in IT during the holidays

Image: iStock/carneadele

The holiday season is underway and this is traditionally a time of year when IT departments, rarely overpopulated with additional bodies, often end up short-staffed. Lots of people are running errands, spending time with family and friends or using up those vacation hours which have piled up throughout the year.

The year end may mean low available staffing resources, but it doesn't have to mean undue headaches or firefighting while maintaining a skeleton crew. Here are 10 ways to keep the ship running smoothly with many team members out or otherwise focused elsewhere:

1. Ensure paging coverage is sufficient

Most IT departments larger than one have some sort of paging rotation to ensure 24x7x365 attention to emergencies that may arise. Look at the schedule in advance to determine who's on deck to supply coverage and ensure they're aware of their duties and available to handle them. Find out if substitute coverage is needed and make sure it gets worked out then scheduled. Using a shared calendar via Google, Outlook, or some other means is a great way to plan and track this coverage so everyone knows what's afoot.

It's also a wise idea to ensure that on-call staffers are sufficiently equipped with the tools they need to perform their duties if emergency situations arise. Arming them with laptops, extra batteries, wi-fi hotspots, and so forth will ensure they can respond to any problems if needed even if away from home or amidst poor weather conditions (here in the Northeast, blizzards routinely knock out our power grids). Make sure they test their remote access BEFORE they need it.

2. Keep coverage fairly balanced over holidays

The advantage to the aforementioned shared calendar is that you can also use it as a reference guide to see who covered prior holidays. If possible, make sure different staff members are rotated among holidays so the same person isn't always on duty for the same holiday, and they don't have to be on call for the same holidays year after year.

It also makes sense to put employees on call during holidays they do not celebrate, if possible, so that those who do participate in these holidays get the much-needed time off.

3. Establish a manager on call

Many problems which pop up in IT (especially in the middle of the night) require managerial input to resolve - approving access to a remote data center in order to repair a failed system or rebooting a production system, for instance. This can delay the problem resolution if an employee's manager is unavailable, such as out of the country or off the grid in a ski cabin.

If your organization has multiple managers it's a good idea to establish a paging rotation for them to ensure someone will always be available to lead and provide direction on emergency issues that may arise. These individuals should share similar duties and access privileges, or at least have the ability to reference documentation related to emergency routines to be able to fill in any managerial voids..

4. Offer incentives for on-call duties

On-call coverage during the holidays adds extra burden, even if nothing happens, because employees may limit their enjoyment of the holidays when on-call. For instance, avoiding eggnog or sticking close to home in the event of an emergency is a common practice for those who carry the pager.

Make sure to compensate on-call staff for their dedication. Compensation can come in many forms; bonuses, overtime, comp time or dinner out. Showing appreciation is just as important as the actual incentive itself, of course.

5. Finish or suspend projects in advance

Many companies coast during the month of December (although there are also those who scramble to get everything done by year end) so it's a good idea to plan to get major initiatives done by the end of November, or at least suspended so they can be safely picked up again in the New Year.

There will always be some critical endeavors afoot at the end of the year, such as securing a hefty vendor discount due to expire soon or arranging the installation of new equipment to get it officially inventoried and on the books for January. Try to arrange availability of staff as needed in advance to complete these mission-critical goals so the necessary staff is able to assist and the rest can take time off as needed. As with #2, don't stick the same individuals with December projects every year; balance the duties out.

6. Don't touch stuff

DTS (Don't Touch Stuff) is a mantra during the holiday season. Of course, regular system upkeep is still necessary; failed hard drives should be replaced, memory errors investigated, storage problems resolved and so forth. But introducing change is always risky, especially when staff resources are low. Resist the urge to make any unnecessary changes which aren't critical at this time. Even patching might be able to wait for another month, depending on security requirements.

Many companies implement what's known as a "freeze" during the holidays, especially if they perform financial transactions or other endeavors related to the shopping season. The reasoning behind this is obvious: system failures or outages can lead to lost productivity and revenue, and with so many organizations depending on the boost from holiday shopping these days a freeze can help maintain order and reduce risk.

7. Establish suggested areas of focus

The prior two tips don't mean IT staff should be sitting around twiddling their thumbs, of course. There is always plenty of low-impact work that can be done with no risk to the organization. Some examples include getting caught up on documentation, checking the data center or system event logs for any minor errors or issues which should be addressed in January, cleaning up outdated files and email messages, or researching project initiatives for the new year. This will ensure those who are in the office remain engaged, but can do so working with basic initiatives that are low-risk and don't require outside input.

8. Emphasize that the IT department should only be engaged for significant issues

Pageable emergencies such as failed systems or network outages aren't the only high-priority demands which can pop up during the holiday season. User requests can also turn into urgent situations - or may be deemed as such, at any rate - if sufficient staff aren't present.

Notify the other departments that low priority requests should wait until after the holidays or at least be shelved until available staff is present in December. The definition of a "low priority request" is open to subjective interpretation, of course, but a broad definition should be "anything which would not pose a risk to company operations, reputation and revenue if left undone over the holidays."

You don't want to present the appearance of avoiding work or slacking off during the holiday season, of course, so you could work with other departments to build a list of acceptable requests for immediate handling versus items which can be postponed until a more feasible time.

9. Automate or delegate what you can

Paradoxically, some of the "emergency" requests which come up in IT are really basic in the overall scheme of things. Password resets and account lockouts are one such example. Requests to block email from certain addresses or access to malicious websites are another.

It's possible to automate things like self-service password reset mechanisms (generally involving security questions) so users can reset their own passwords. Obviously you can't just whip this up overnight, but it might make sense to plan this for next year if you don't have such a feature in place already. Look and see what else can be automated down the road.

It's also possible to temporarily adjust settings like account lockouts (depending on your security restrictions - always check with your Office of Security if applicable) for greater flexibility. For instance, if your systems are set to lock accounts indefinitely after five failed authentication attempts, consider lowering this threshold to five minutes during the holidays so that employees can log in again without needing administrative staff assistance. Be cognizant of any increased risks this may pose, however - this example might work best for internally-accessed accounts (via the private network) and not externally-accessed public accounts which might end up hacked, of course.

Lastly, delegation may also help reduce burden upon IT staff. Maybe you can assign non-IT personnel the ability to carry out certain tasks you trust them with. For instance, if your security department pages on-call personnel with requests to block email or web addresses, see if you can delegate proxy server or firewall access to them to make the requisite changes, even on a temporary basis. The same might apply to allowing capable managers the ability to make permission changes on a file server (for their own or other departments), as another example.

10. Consider bringing in outside assistance

If possible, you might consider bringing in temporary workers such as contractors to help share the IT workload in December.

This may seem counterintuitive. After all, isn't doing this work the reason why you have full-time, trained staff in the first place? It may also pose a security risk or a training burden for some organizations (you certainly don't want IT staff to spend time training others when they could more easily do the work on their own) but it's still an option that warrants consideration for certain low-level tasks that can (and should) be fully documented already:

Creating new users Building virtual systems Building end-user workstations Making firewall changes Administering backups Performing first-level support of common operating systems/applications Basic server, printer, network or storage troubleshooting Code debugging

Experienced contractors could walk into many organizations and conduct all of the above tasks on the first day, giving IT staff the break they need to recharge.

Hopefully these tips will help make sure everyone in the IT department makes the most of the holidays. After all, quality time away from the office helps build morale, which also helps build employee loyalty and productivity, making it a win-win for all sides involved.


Viewing all articles
Browse latest Browse all 12749

Trending Articles