A good internal office network should have very minimal routine maintenance needed, should stay running, and should be easily and quickly repaired when the unfortunate does happen. It should be designed to tolerate the inevitable problem, not designed hoping the problem won't happen.
It has become painfully clear in the last few years that free and uncontrolled access to the 'net by untrained users is NOT a wise idea. While training and technology can minimize the risks considerably, the days of users thinking they can do anything they wish with the computer on their desk is over. Many companies are spending way more than they should be on cleaning up problems that just shouldn't be.
Viruses and spyware are not something business should just accept.To be realistic, however, training is a core part of system security. Just as you can't put bigger bumpers on a car to make it safe with an untrained driver behind the wheel, you can't rely on technology to save you from unsafe computing practices.
Lots of people can get a system to work. The real trick is keeping it working and repairing it when it does fail. Given a long enough period of time, things WILL break. One advantage of dealing with a small company like Holland Consulting is when I designs a system for you, I pretty well knows who is going to be expected to fix it when it breaks. I'm not going to have the luck of not "being on call" when something bad happens.
Fault tolerance is the ability of a system to withstand things breaking and being able to be rapidly repair a system. The systems I prefer to implement are designed for "Rapid Repair" -- where whatever happens can be fixed or repaired quickly, but not using exotic or expensive technologies. My experience has been that simple solutions rarely fail, and when they do, they are easily repaired. Complex solutions that are never supposed to fail often do, and often in a most spectacular way. Worse, few people have any significant experience with these systems as they change rapidly, and you never really know a system until it has failed in a few different ways. Experience has shown you can not trust a vendor to have experience recovering a system that wasn't supposed to break in the first place. Their job is to say, "Don't worry, it will work", and get your money.
In addition to training on the systems put into place, Holland Consulting now offers Internet Safety training classes. More than any firewall, antivirus software or security policy, I believe understanding and education is most effective way to minimize your support costs and problems.
For more information, contact Holland Consulting.
Holland Consulting home
Contact Holland Consulting
since July 6, 2004
Copyright 2004, Nick Holland, Holland Consulting