Annual IT Activity Guide

 

Year-end has the everyone wrapping up budgets and the business units working hard to get Property Closings done. With all this hustle and bustle, don’t forget this is also the time of year to perform a review of your technology solutions.  Below is a list to help you get started building your own Year End activities.  Note, this guide does not include items that should be taking place as part of your regular health maintenance (i.e. SQL database maintenance plans, network analysis, etc.)

Server/Network/Telephony Environment

  • Make sure the operating systems on your servers are the most current version or if not, only one version prior. Getting more than one version behind on a server OS can make future upgrades more difficult, not to mention that you may be missing out on some great functionality. Before upgrading any server OS, review each server’s purpose and application compatibility to confirm there will be no issues when updating the server.
  • Summarize the usage and performance of your servers over the past 12 months. Can you consolidate, or do you need to expand your server infrastructure? Is now the right time to change to a virtual environment or expand to the cloud?
  • It’s time for a security audit – make sure you have an external party test your network and cloud security and issue a full report. Be sure to budget time for your internal resources to address the recommendations resulting from the audit.
  • Review user and service account permissions on accounts that do not adhere to your password change policies. If you haven’t changed these passwords all year, now is the time to do so. Also, make sure all unnecessary ports are closed and unnecessary services are disabled on your servers as these tend to change over the course of a year.
  • Evaluate your telephony solution. Could your mobile expenses be reduced by changing providers? Is it time to change from analog to VOIP? Are your solutions satisfying the needs of the organization or was the mobile device OS and Mobile Device Management (MDM) software selected based on outdated requirements?
  • Evaluate your security posture. Look for regulations you might be subjected to that you may not have been previously aware. Remember that newer regulations (Privacy, PCI-DSS, etc.) exist for more than just publicly traded companies.
  • Are you able to deploy, monitor, and update your anti-malware solution from a central location to keep your network adequately protected? If not, this is an item that should be addressed immediately.
  • Are you able to discover all devices connected to your network and quarantine them if necessary? If not, work with your security firm to help you address this.

Database Servers

  • Evaluate your database environment. Check for differing database management systems. Do you truly need to be running databases in MySQL, Microsoft SQL Server, and Oracle, or can these all be migrated to one platform?
  • Does the functionality of your edition meet your needs, and is your version current or current -1? If not, review the reasons for this and develop the appropriate plan to move forward.
  • Check to see if there are any features you own, but are not currently leveraging. In the case of SQL Server Standard and Enterprise Editions, evaluate leveraging the abilities of Reporting Services, Integration Services, and/or Analysis Services.

Corporate-wide Solutions & Local Applications

  • Start by making sure your version/service pack level are current. Review your upgrade strategy from the past year, evaluate how well it worked out for you, and adjust next year’s plan accordingly.
  • Review the current feature-set of these applications to identify if processes can be streamlined by newer functionality.
  • Look for overlapping functionality. Does your ERP now contain enough scheduling functionality that you can retire your licensing for your project management software?
  • Consider the lifespan of these applications and determine when their anticipated end of life will occur.
  • Review your architecture. Have you grown enough that it is time to bring those remote hosted applications, such as your CRM and/or ERP, in house? Has your business model changed so that SAAS solutions are more appropriate?
  • Review your Service Level Agreements (SLAs) and confirm agreements and security requirements are being met. Additionally, look for areas where a lower level SLA would decrease cost with minimal impact to the overall environment.
  • Could you reduce labor hours by further integrating these software solutions?
  • Do you have any ‘rogue’ applications which are installed on user devices?
  • Review applications to confirm you are utilizing Active Directory authentication (or other consistent sign-on method) where possible and appropriate. This will help close security gaps and reduce IT application account management overhead.
  • Review existing reporting and BI tools. Determine if any tools can be consolidated (i.e. switch all reporting to SSRS) and if any reports or dashboards can be consolidated to reduce IT overhead and improve the user experience.

Evaluate Licensing

  • Check your applications for unnecessary licenses and check pricing plans that may more appropriately fit your needs, such as a new volume licensing plan or a new tier.
  • ERP annual maintenance cost is often based on a combination of modules and user licenses. Can/should any of these be reduced or increased to be more in line with your actual usage and needs?
  • Review desktop and mobile devices for incorrectly licensed or unlicensed software.

Review your Business Continuity Plans

The IT department is not only responsible for getting their own systems up and running during business outages and disasters, but also getting enterprise systems up and running as well.

  • Make sure that the IT department has a business continuity plan for its own software and processes during all types of outage scenarios. Include scenarios that consider neighboring threat possibilities, such as nearby highways or airports.
  • A separate plan that focuses solely on a disaster situation (Disaster Recovery Plan, or DRP) for each Server room or NOC (Network Operations Center) is a necessity.
  • Coordinate the IT department plan with all other business unit plans and the DRP(s) to manage expectations and ensure everyone understands the established priorities.
  • Make sure your continuity plans are available to and executable by multiple resources. If Barb is backpacking in Brazil the day of the bad storm, who is going to get your systems up and running again?
  • Ensure all contact and vendor information is up to date in your plans.

Check your Exposure

  • When is the last time you checked with your legal counsel and insurance company to ensure you are covered in an unexpected event? With ever-changing federal and state laws, it’s important to make sure you understand and have addressed your liability regarding items such as data breaches and theft.
  • Check your terms and conditions and privacy statements on your websites and update accordingly.
  • Review and update company policies. Have users acknowledge appropriate policies. Policy training can help fulfill last minute training requirements.

Communicate with Users

  • Send out a survey to your user base, including your subcontractors. Use the results to identify…
    • areas in need of training (are there areas in purchased solutions that are not- or under-utilized?)
    • areas in need of alternative solutions
    • areas in need of process improvement
    • success stories for the year

A few tidbits in closing…

With ever changing technology, it is critical to keep your internal IT expertise current. Be sure to budget adequate training time and funds to support the IT team’s skillset maintenance program. Also, don’t forget to take advantage of year end specials from software, hardware, training, and consulting companies.

And…once you have completed your review and identified your opportunities for improvement, don’t forget to celebrate this year’s achievements!