With all the talk of billions for this program or that in Washington, I thought I would put together my own stimulus package that can help your network run smoother. I don’t know whether $10 billion to buy steel (domestic preferred) for new bridges or $9 billion to put up new rural DSL lines will really be effective (my initial reaction is dubious), but the idea of spending lots of money quickly by our Congress is a scary one. And despite serving on my local school board several years, I am not qualified to run any cabinet department or national office (I have dutifully and fully paid my income taxes and don’t have any dark family embarrassments). But I think I can offer a few ideas for you. So here are a few suggestions that won’t cost (much) dough and could save your own bacon if you are trying to impress the boss that your name doesn’t belong on the cut list quite yet.
First off, do you actually know what kind of traffic is running on your network? Have you looked at your top applications? You would be surprised. At an event that I attended yesterday sponsored by Blue Coat, they talked about how when they did these assessments they always found ten times the number of applications that most IT admins thought they were supporting. That is a factor of ten. The best story was a company that found out that one of its most popular mission critical apps was a home-grown one running on a box under someone’s desk. I am sure this isn’t unique, or even rare. It doesn’t matter what fancy tool you use to do this apps census, and there are many vendors besides Blue Coat who would gladly come in and do one for you (in the hopes that you will eventually buy their gear). But the more that you know, the more you fine tune your network and reduce the traffic from the apps that aren’t business-related.
Second, have you looked at your latency lately? Has someone along the way added a few new router hops somewhere that you didn’t know about? I am amazed that we are still talking about a concept that is decades old and should be better understood. Latency improvements are the best bang for your buck short of hiring a DC lobbyist to get some of that earmark money. And you don’t have to wait for any Congressional action either.
Third, how many people still have admin rights to their own desktop PCs? This makes it impossible to manage these machines, and allows users to install their own apps. Granted, it may be politically difficult to change this policy now, but hey, change is in the air and you might as well start somewhere.
Next, have you looked at your user accounts lately and seen if anyone that you have laid off is still using your network? You would be surprised at how often this happens. At one hospital that I visited, the IT manager told me that an employee who was laid off went home and started using his girlfriend’s login credentials at night. They caught it because the girlfriend was still logged in at the same time at work. And the number of people that I talk to that don’t have regular password change policies, or have the same password for all of their critical servers, is amazingly high. Take the time to get this set up properly. Given the number of layoffs these days, this is probably the biggest thing that you can do to fix your security loopholes that doesn’t even cost you a dime.
I will have lots of other suggestions, if you are interested; check out my article in next week’s Information Security magazine. I will post a link to it here when it goes live. In the meantime, you can post your own network stimulus ideas here if you are feeling a need to share them.