• Pursuit of Happiness

    16Feb
    Author: zack Categories: IT Management, Ramblings Comments: 0

    Boulder, CO

    In a recent study conducted by The Gallup-Healthways Well-Being Index, Boulder received top honors as the overall happiest, healthiest, and most optimistic city in the United States. The study surveyed more than 350,000 Americans across the country and assessed their lives based on a variety of pre-defined categories. While Boulder did not sweep every category looked at by the researchers, it did get the highest rank in the “Work Experience” arena. At Applied Trust we have always known this was true, but it is nice to get some nationwide visibility for it.

    We care about having a good work and life balance for everyone that works here. That’s why the ATE Employee Canon is so important to us. Having this realization and making conscious, proactive maneuvers to maintain it is a key component to fostering a positive “work experience” like the one discussed in the survey. The section measured job satisfaction, ability to use one’s strengths at work, trust and openness in the workplace, and whether one’s supervisor treats him or her more like a boss or partner. These metrics align very closely to how we view work and how we want to spend our time there.

    Read more »

    Tags: , ,

  • PCI DSS-driven assessment

    15Feb
    Author: ned Categories: IT Management, Security Comments: 0

    The PCI DSS (Payment Card Industry Data Security Standard) sets a number of expectations for IT assessment.  Activities, from scanning for rogue wireless access points to reviewing vendor contracts, are scattered throughout the PCI Data Security Standard document.

    Below is an attempt to assemble those requirements into a single schedule.  Where the standard didn’t specify a frequency, I used reasonable “best practices” values.  I hope this is a useful starting place for organizations working toward compliance, but it is definitely not a holistic IT security plan!  There are lots of other security activities that should be taking place at every organization – this is just a summary of those discussed in the PCI DSS.

    See anything that I missed?  Did I get something wrong?  Let me know in the comments and we’ll work toward an accurate sample schedule together!!

    Read more »

    Tags: , , , ,

  • HITECH business associate deadlines looming

    10Feb
    Author: ben Categories: IT Management, Security Comments: 0

    We wrote about the HITECH act and its impact on business associates a little less than a year ago. By February 18, business associates are required to:

    • Comply with the HIPAA security and privacy rules
    • Provide medical information breach notifications
    • Work with the Department of Health and Human Services to perform compliance audits as requested
    • Train employees on HIPAA and its requirements for business associates

    BAs, I hope you’re taking note. Violations can incur fines for as much as $1.5 million per year and, in the most serious circumstances, may include prison time. According to HITECH, DHHS audits are also mandatory beginning 2/18/2010. (See sections 13410 and 13411).

    Most of the associates that I’m familiar with haven’t made many changes in the past year to improve HIPAA compliance. So what should any self-respecting business associate, now subject to these somewhat draconian and certainly expensive rules, do to avert heavy fines and lost productivity? Avoid becoming a business associate at all costs.

    First, re-evaluate whether the business truly qualifies as an associate, for one. In the past, BAAs had very few directly applicable requirements, and those that were in place were rarely or never audited and enforced. Businesses should no longer haphazardly sign BAAs when they aren’t strictly necessary.

    If the business has determined that they are indeed an associate, what can be changed to eliminate that status? If there isn’t a dire business need for access to medical records, but they’re being collected incidentally, eliminate that dependency and escape the compliance game. Of course, most health care organizations don’t freely distribute health records, and most organizations don’t want them unless they need them.

    If the business is resigned to being an associate subject to HIPAA courtesy of HITECH, it’s time to get to work. Start at www.hipaasurvivalguide.com, an excellent resource for learning the regulation and applying its teachings.

    And never forget the old proverb (that I’m making up right now): more regulation always improves security. Emphasis added.

    [Slashdot] [Digg] [Reddit] [del.icio.us] [Technorati] [StumbleUpon]
    Tags: , , ,

  • Five things network and system administrators can learn from Agile

    15Jan
    Author: ned Categories: IT Management, Infrastructure Comments: 1

    hummingbirdIT infrastructure work is certainly not the same as software development, but the Agile methodologies offer some good advice to us system and network administrators. In general, Agile has grown from a Manifesto about software development to a full-blown project management methodology. Powerful tools are available to help manage projects according to its tenants. Although Agile is based on lessons learned implementing complex software projects, its principles apply equally well to IT infrastructure projects and operations. Agile’s concept of “self-organizing teams” is particularly appealing to me, since Applied Trust is managed as a “company of peers”.

    I’ve picked five of the Principles behind the Agile Manifesto that are particularly applicable to our field – read on to see how they look from an IT infrastructure perspective:

    1) Our highest priority is to satisfy the customer through early and continuous delivery of valuable infrastructure.
    2) Welcome changing requirements, even late in deployment. Agile processes harness change for the customer’s competitive advantage.
    3) Business people and developers must work together daily throughout the project.
    4) Simplicity–the art of maximizing the amount of work not done–is essential.
    5) Continuous attention to technical excellence and good design enhances agility.

    Read more »

    Tags: , ,

  • New Year’s Resolutions for IT (and free T-Shirt offer!)

    01Jan
    Author: trent Categories: IT Management, Ramblings Comments: 0

    Ok, I admit it – I’m generally not a fan of New Year’s Resolutions.  I believe that folks should always be looking for ways to make positive changes, and shouldn’t need a specific day/event as a trigger.  That said, it does make a nice marker date for an annual evaluation of the state of things.

    Last year, I posted an end-of-year IT checklist, which I again encourage all IT folks to take a quick look at — this is a great time to evaluate and update a number of key IT areas.  At the very least, don’t forget to update your copyright dates!

    I’m hoping 2010 can be a year of positive change for IT.  In that light, as a community let’s make a few resolutions:

    Read more »

    Tags:

  • So begins the farewell to Windows 2003

    16Oct
    Author: paul Categories: IT Management Comments: 2

    2010 will be here in no time, and with it will come some changes to support for Windows Server. In July 2010, public support for Windows 2000 will cease. At the same time, Server 2003 moves from mainstream support into the “Extended Support” phase. While security patches will still be released, all non-security hotfixes developed during this period will be restricted to customers enrolled in the extended hotfix support (EHS) program.
    Read more »

    Tags: ,

  • Tickets: The IT Department’s Keys to Success

    14Oct
    Author: terry Categories: IT Management Comments: 0

    Take a Number

    Tickets are sometimes associated more with the help desk than with the operations group of an internal IT department.  Unfortunately, when this is the case, system administrators are missing out on an opportunity to use tickets for their own purposes.  Sometimes, administrators can see tickets as a barrier to efficiency and agility.  But this is not the case.  Tickets are a communication and change control tool.  All work done by the IT staff should be tracked in a ticket.  This is important for several reasons:

    1. Other administrators can understand what is happening with a particular effort.
    2. End users can be kept in the loop on the status of issues affecting them.
    3. The administrator doing the work has a log of all the steps they have taken which can be useful if they ever need to perform the same task again, or if they need to go in and back out some portion of the change.
    4. The manager can quickly and easily understand the workload of the staff.

    Organizations that do not use tickets throughout the IT department tend to fall into one or more of three common IT traps:  Read more »

    Tags: ,

  • The Barking Seal Blog celebrates a birthday!

    05Oct
    Author: ned Categories: Green IT, IT Management, Infrastructure, Ramblings, Security Comments: 0

    2052055757_4e13e12c03I’m excited to say that The Barking Seal Blog has been around for a year now! We’ve had a great time blogging, ranting, and pontificating on the future of IT infrastructure, and have especially enjoyed the reader comments and emails.
    Below are ten of our favorite posts from our first year – if you missed one, check it out now…

    Here’s to lots more entertaining (and hopefully insightful!) posts in the year to come!  Thanks for your comments, feedback, and continued support!

    – The Seals at Applied Trust

    (photo courtesy hfb under the CC)

    [Slashdot] [Digg] [Reddit] [del.icio.us] [Technorati] [StumbleUpon]
    Tags: ,

  • Essential WordPress Plugins

    23Sep
    Author: ned Categories: IT Management, Infrastructure Comments: 0

    2009-09-23_wpbannerI like WordPress a lot – it’s my #1 tool for simple web sites.  We use it for The Barking Seal Blog (this site!), but I also use it for a variety of more traditional sites, including the TechFest website, and even my personal wedding web site!

    WordPress isn’t everything, and if you’re looking for a CMS with the longest feature list, don’t bother trying it.  But if you want a reasonably-customizable web site that almost any end-user can update, I endorse it.  Try WordPress.com if you’re not comfortable managing your own web server.

    For the technical folks in the audience, it’s easy to install the free WordPress.org version on any server that supports the LAMP stack (Linux, Apache, MySQL, and PHP).  It is infinitely customizable (if you know PHP, HTML, and CSS), but will probably meet most your needs “out of the box”.

    If you do use WordPress.org, there are a few plugins that are worth installing… here are the ones that I think every WordPress.org administrator should consider:

    Read more »

    Tags: , ,

  • Firefox and Thunderbird plugins for IT productivity

    10Aug
    Author: ben Categories: IT Management Comments: 0

    I know, there’s dozens and dozens of lists of Firefox plugins out there, but I just have to add my own. I really like Chrome a lot, but I just can’t switch due to my heavy reliance on add ons. Here’s a list of a few of my favorites, some IT-focused, some not. Read on for a list of useful addons.

    Cooliris Firefox eye candy

    Read more »

    Tags: ,
« Previous Page

Subscribe:

Popular Posts