Assessments – A Necessary Evil
Assessments are a necessary evil for an IT Department. Egos are hurt, exposure of negligence and complacency are all deliverables of a thorough assessment. But we’re going to look at it in a different way.
An IT Department can be considered the Heroes of an organization because they realized an assessment(s) needed to be done. Preventing a catastrophic breakdown or failure of an organization’s infrastructure or by saving an organization millions of dollars, the IT Team can leverage the C-Suite for that pool table in the breakroom without much resistance.
We all wear many hats in an organization and can be considered the Jacks of all trades and Masters of none. An individual who’s heading up the IT Department may have a Networking core competency but have little or no knowledge of a Storage competency. And, there’s the chance an individual and only that individual makes up the entire IT Department. This can be the case for SMB companies. Enterprises have a few folks, but even their bandwidth is not what it should be.
Gaps in knowledge ranging from Networking, Compute, Storage, etc. can jeopardize an organizations’ infrastructure. This can cause significant trouble with product outputs. However, being proactive instead of being reactive can help minimize the opportunity for failure or loss to occur.
Assessment is a very broad term. There can be levels and micro-levels of assessments within an IT Infrastructure.
Here’s a very high-level summary of the types of assessments that are available via Zunesis at the click of the ‘SEND’ button on a product / service inquiry form:
1. IT Infrastructure Assessment – Experts will assess the current IT infrastructure and deliver a report detailing observations regarding hardware, software, and the business processes impacted by the organization’s IT environment. Recommendations and potential solutions should also be part of the final deliverable.
2. Data Management Assessment – Data Management Assessment Service can be used to focus separately on Production Data, Archive Data, Backup/Recovery, or it can encompass all three. Part of the perks of having this information would be to document current data management practices as well as short-term and long-term objectives.
3. Recurring Data Center Assessment & Advisory Service – This is a review of the IT Infrastructure Assessment, but it would occur on a quarterly, bi-annually, or yearly cadence. Benefits include lower support and maintenance costs, greater control over the existing environment and other attributes which lead to high performance without breaking the bank.
4. VMware Assessment Services – Deliverables include documentation on current environment, observations about current VMware use and short-term recommendations and areas of opportunity. This information will provide a clearer picture of the environment’s long-term strategy and cost efficiency.
5. Wireless Site Survey – This assessment should be done by all organizations (i.e., Government agencies, Education, office buildings, etc.). A Network Engineer will import floor plans into a tool and draw walls on the map to give them an idea of what their coverage area will look like. Or if already installed, the site survey will validate a recent wireless network installation.
6. Ransomware Recovery Preparedness & Risk Assessment – There’s no need to elaborate on this assessment. To be blunt, if an organization doesn’t feel this is necessary, then they better be prepared to lose all their data and pay a fortune to get it back. And, there’s a chance an organization may never get their lost data back. People will lose jobs over this if this assessment is not done and done soon.
7. Firewall Assessment – This provides the overall utilization of an organization’s current firewall and their adherence to industry’s best standards through a Network Vulnerability Assessment. Recommendations, best practices, snapshot of existing firewall layout, potential of what the layout can be in the long-term are just some of the attributes a company can glean from this assessment.
Potential Problem Analysis
Now that these assessments have been identified and the importance of each, organizations need to think operationally, tactically and strategically about the consequences and costs of not undergoing these assessments. Potential Problem Analysis consists of identifying the problem before it actually occurs. This type of thinking is true in any infrastructure environment and should be implemented immediately. Band Aide’s and Duct Tape can only go so far.
Again, being proactive rather than reactive, an organization can prevent significant down-times, reduce costs by protecting current hardware, avoid ransomware, avoid closure, save jobs and many other elements which will lead to continued operation time and an increased/valid sense of security.