In our February 24th post, we discussed specific challenges one-person IT departments face and first-step IT solutions to take in IT department structure planning. Whether you’re the CEO of a company, office administrator or anyone in between, we focused on highlighting what your first steps in organization should be. Starting out, it was important to gather all of your thoughts and think about what really needs to be done, what you can afford to outsource and what you think you can handle in-house.
Now that you have had time to organize your tasks and define major responsibilities to outsource, you are ready to dive a little deeper into creating your company’s IT department structure. Let’s begin by planning your IT and security architecture – a blueprint for what your entire system will look like.
IT and Security Architecture
Step 1: Pick Your Operating System
A critical part of this plan is the ability to weave in what might be necessary for your company to function tomorrow as well as today. As we all know, technology is changing quickly and if you can’t account for what the future could hold, you might be having to restructure your whole network which can cost immense time and money. Tackling issues such as Windows vs. Mac technology is something that must be addressed before creating a plan around systems that may not “speak” well with each other. In order for your architecture to fall into place smoothly, you must first make sure you do your due diligence to ensure that the pieces of the puzzle will fit and work together.
This process is one that can be easily overlooked as people don’t realize it can play a major factor in how your system operates. Rather, people tend to dive in. But, it is one of the most important steps. You can’t build a house without first laying its foundation. Yes, there are systems that can successfully integrate both Mac and Windows. However, if you are starting from scratch, picking one system can save you some headaches while building your network.
Step 2: IT Architecture
Once you have established your operating system, it is time to think about developing your IT department structure. What does this mean, exactly? When you think about your IT architecture, think about all of your physical devices: computers, both portable and desktop, tablets, mobile devices, printers, servers and other pieces that you plan to have integrate with your network.
Ask yourself, do you have enough room to house everything? This is critical when you are starting your planning process. Not only are you accounting for the physical space you currently have to work with, but you must also account for the business’s forecasted growth and whether or not your current location will have enough room to house all of the devices that go into your network.
Next, do you have a proper space for your server? This is critical. If you don’t have a proper space for your server, simple things like air flow and temperature control can compromise your entire database.
Are you planning on having a cloud for backup? Nowadays, it is almost unthinkable for companies not to have some sort of backup. And, like your server, your backup will need to live in a proper space with features to keep the machines safe and temperate.
In addition, will you need to incorporate both cabling and wireless capabilities in order for your system to work? Most companies have a hybrid system where both are needed, yet it is an important question that needs to be answered early on in the planning process.
All of the above need to be considered when constructing your IT architecture. Depending on the answers to these questions, at this point, you should be able to determine if it’s time to call in an external partner for reinforcement.
Step 3: Security Architecture
It seems logical that after your IT architecture is in place that setting up its security would follow. After all, how can you add security to something if it does not exist? While, yes, the security does come after designing the IT architecture, it really should be done, for the most part, in tandem.
Slowly, as you start to get your IT architecture in place, it is always wise to properly add in parts of your security measures little by little. The last thing you want to happen is for you to get your entire IT structure established but have the security not match up or work well with the system you have worked so hard to create. As you integrate the security portion, it’s important to bear in mind that when building IT and security architecture simultaneously, it will take some trial and error to match the perfect security solutions to your new system. This is another reason why it’s vital to building the architecture in tandem.
Now, you may be wondering, what security measures to take. Establishing your perimeter protection is typically a smart place to start. This includes having a next-generation firewall, border routers and an IDS (Intrusion Detection System), among other options.
Next, you will want to focus on your endpoint security. Endpoint security is becoming more and more important as technology advances and allows for more devices to be connected with one another in different ways. From computers and tablets, to mobile devices and printers, all of these endpoints need to be secured if they will be operating on your network. Moreover, it isn’t only company devices that need to be secured. Think about all of the employees that you have and their devices that are most likely connected to your network as well. These multiple connections could potentially open up your breadth of risk.
Lastly, segmentation is an important step for information that is most critical. This will depend on your line of business but could be anything like customers’ credit card information, social security numbers, or patient information, for example. Segmenting that information will separate data from your network into specific, smaller pieces so in the event your network is breached, not all of the critical data will be in one spot.
Step 4: It’s OK, You Must Be Flexible
Even if you start out strong and follow all of these suggestions, it’s important to understand that, like all strategies, sometimes situations occur that force you to deviate from the plan. And that’s ok; it will most likely happen! Being flexible and open-ended will allow you to easily adjust partnerships, processes or software applications in the event a situation arises. It’s best to plan for contingencies throughout the process so you can quickly switch gears and keep working.
We understand this can be really overwhelming. And we also understand that these four steps are the “meat and potatoes” of this overall project. But if you take these four steps and focus only on these, you will complete major parts of this project. To aide you in these tasks, we have a comprehensive worksheet with questions and a checklist to help guide you along the way. Once you have successfully completed your architecture, check back to learn about backup and data recovery.
Originally published on 03/07/2017