The last thing any company would do is to put all available network information, especially the critical data, in the hands of only one person. It should be noted that IT guys often don’t have much opportunity for career advancement in many companies and they often leave to seek for new companies with larger IT department to improve their career.
In many cases, they suddenly leave and this could represent a significant security risk. This is absolutely true of the employee is suddenly fired and animosity could cause these former IT employees to do something rather illegal.
It can be a nightmare for the company to try to perform data backup, license information, while recovering licensing information, software keys and network passwords. Any company should have some kind of IT handbook that prioritizes on full transparency, if this situation could occur. There should also be a proactive plan to enhance the security of our network.
As an example, the IT handbook could contain a type of network diagram that may show the basic configuration and layout of our network. This will show how the network is constructed and it should allow new IT engineers to understand the layout quickly.
Without proper network diagrams, it will be necessary for new IT engineers to spend weeks trying to map everything. The IT handbook should also provide a list of typical hardware inventory, such as list of all workstations, switchers, servers and other essential network equipments. There should also be information on warranty and licensing. Two essential factors would be policies and passwords.
It is important that all administrative passwords are kept in a very safe place in case of employee change, provider change or an emergency. The IT handbook should explain policies for password recovery and changes.
Companies with good IT implementation should have proper security reports. They will indicate that the network protection service is already in place and no data is being compromised. Also, there should be a disaster recovery plan. This is how data will be replicated and backed up. With proper IT handbook, we would know how the information should be monitored and tested.
We would also know about things we need to do in case of theft, disaster and hardware failure. The recovery times should be in-line with our tolerances and the whole system should be tested using simulations.
The IT department should also issue their quarterly reviews, because the upper executives won’t have time to regularly asses the IT performance. As an example, the review could provide information about all the ticket activities and how the whole system has performed in specific duration of time. Although we never hear any complain from employees, we can’t just assume that everything would run smoothly.
There should be a head technician who is responsible for our network and he will verify these quarterly reviews. Regular IT meeting is also needed to assess the performance of our network and what challenges we could have