...From Problems to Solutions - The one place for your Technological & Consulting needs
HomeAbout UsShoppingFeedbackContact Us
 
  SERVICES  TOOLS  UTILITIES  SUPPORT  OTHERS  PARTNERS Bookmark this PagePrint this PageEmail this Page to a Friend

 
TAP Overview


INTRODUCTION
The Technology Assessment Profile (TAP) allows a consultant of the Micro Symplex community to quickly baseline your company's Information Technology (IT) status in most functional areas, and compare them to industry-accepted "Best Practices". This assessment gives you the customer a detailed look at where your IT investment dollars are currently being spent, and perhaps more importantly, where they should be going relative to your business objectives. The TAP also uncovers areas of concern, both those known and unknown to your management. This review provides you with a proactive opportunity to review whether your business is at risk for downtime due to hardware failure, software issues or problems stemming from ineffective security measures. The current version of TAP (TAP 5.0) is an interactive tool, used in a conversational environment to interview you and your IT staff. Following the interview, the Micro Symplex consultant provides you with a written recap of the information collected, and a priority list of any "hot" issues you may want immediately addressed. A comprehensive analysis and remediation plan is then typically provided as a follow-up.

TAP SUBJECT AREAS
The TAP process covers 22 areas, broken down into subsections. The total assessment encompasses multiple questions, which are condensed and tailored to your organization. The areas investigated are:


EXCERPTS FROM A TAP AREA OF EXPLORATION
What follows here is an explanation for some of the components in one of the 22 sections of a TAP, Security. By including this, you will better understand why the areas covered in a TAP are so important to consider when developing a complete picture of your network.

  • Written Security Policy A successful, comprehensive security policy must be written and maintained to reflect the needs of the company (security/liability of the company vs. the privacy/morale of the employees). A security plan must, at a minimum, address access, data, content, email and employee training. Failure to do so may leave your company open to external intrusion from outside hackers and/or competitors, vulnerable to harm from unscrupulous employees and legally liable for numerous issues. Security training needs to be part of the new hire process and should also be reviewed at least annually with all employees.

  • Overall Network Vulnerability
    Micro Symplex consultants have multiple tools at their disposal to check vulnerability at your network's "firewall", as well as at your servers, clients, email messages and remote users. Security audits can range from simple tests for current virus protection to comprehensive intrusion detection audits. While most security breaches are internal in nature (by existing employees) some are external, such that theft of data occurs without your knowledge. The IT needs of your company, including location and type of public data and levels of Internet access necessary for your employees will drive the levels of security required by your network. Your Micro Symplex partner can assess your current level of protection and devise the most comprehensive means to secure your network assets.

  • Password Protection
    Hackers intent on gaining access to your network are skilled at calling your company posing as IT professionals, security personnel, etc., and convincing your employees to divulge passwords and or access information. Few people would give out their personal information over the phone to a stranger calling them at home, yet research indicates many will comply in the work environment. Password policy should extend to IT as well, in the form of forcing password changes, mandating more complex passwords, managing administrative passwords, etc.

  • Anti-Virus Software
    Most people are aware of computer viruses. Having anti-virus software correctly installed on your system can prevent viruses, worms and trojans from entering your company. In addition to correct installation, these applications need systematic, regular updating to add new virus profiles and levels of protection. Many companies that purchase anti-virus software underutilize it.

  • Proper Configuration of the Mail / Proxy Server
    This issue addresses not only security, but productivity as well. Employees are spending more time than ever online, communicating with your customers and suppliers via email and performing research using the Internet. These necessary and valuable functions need to be supported and made as responsive as possible. A correctly set up mail server will support your current users and allow for growth. Email should be correctly distributed and backed up, as many users now feel their message stores and contact databases are as important as their applications. In addition, a proxy server can not only monitor your employee's Internet use, but can also restrict access to a site containing objectionable content and/or sites that may interfere with company bandwidth.

  • Disaster Recovery Plan
    Every company experiences security breaches, but most are minor. Few companies take the time to fully research and document these to prevent recurrence, provide legal indemnification or even verify that access isn't continuing. From running port scanning software to verifying that removable media has been cleaned, how a company recovers from a breach is nearly as important as preventing it.

  • Hardcopy Material
    Most companies provide for the apparent destruction / disposal of their private records, yet don't actually verify the level of protection. Are your employees trained on separating private matter from general material prior to disposal? A surprising amount of data ends up being disposed of without being properly shredded. Consider this: How much hardcopy material do you really need to print? Can a company Intranet or other formats such as Adobe Acrobat PDF™ be used to keep your "internal" information internal? The areas above are representative of the questions TAP will review in your business. By conducting a careful and complete TAP, your Micro Symplex consultant can review and answer these questions (and more) with you and your staff, to begin establishing and maintaining a safe, secure and scaleable IT infrastructure!

Copyright © 2002 Micro Symplex. All rights reserved

 

© Micro Symplex, Inc    Terms Of Use    Privacy Policy

Best viewed with Internet Explorer

Site by ASP Technology