IT Documentation is a Critical Step, Not to Be Ignored

Embarking on some IT documentation?  Not sure what IT documentation you need to record?  Perhaps we can help.

Computer networks are some of the most complex systems deployed within your organization. That complexity, coupled with notoriously poor documentation can lead to unacceptable levels of downtime, poorly performing applications, easily compromised security and unplanned expenses. Our Assurance Managed IT Services Onboarding Process seeks to quickly identify gaps in the documentation, performance, and supportability of systems. The process is quite intensive, taking a minimum of 3 days for our smallest clients and up to 2 weeks or more for larger environments.  This is one of the reasons most managed IT services firms do such a poor job of it.

Based on our experience, here is a list of items you should have in your IT documentation.

A:  SITE DETAILS:

1. Address & Access Control
2. Parking/Transportation info
3. Site Liaison(s)
4. Supplemental Cooling
5. Power & Environmental
6. Wiring/Data Closet Photos
7. Floorplan / Office Layout
8. End-User Contact Details
9. Building Management Contacts
10. Identification of temp/water sensors
11. Age of backup batteries
12. Equipment space constraints
13. Building Entrance/DMARC identification
14. UPS Protection Alerting

B:  APPLICATIONS:

1. Revenue generating apps
2. Line of business apps
3. Secondary apps
4. Hosted applications
5. IaaS, PaaS, SaaS, etc.
6. Privileged Credentials
7. Email/Collab Audit
8. Network/App Dependencies
9. Licensing
10. Per-app RPO/RTO
11. Application Logging
12. Version Assessment
13. Unlicensed apps
14. Vital App Health Alerting
15. Support Agreements
16. Deprecated Software
17. Malware Protection
18. Print Management
19. Network Detective Scan
20. Scanning/Imaging
21. Anti-Spam/Phishing

 

C:  NETWORKING:

1. Wiring Diagram(s)
2. Block Diagram(s)
3. Rack Diagram(s)
4. Internet/WAN Providers
5. Routing/Firewall Equipment
6. Load Balancer Details
7. Site Connectivity / VPN
8. Equipment Aging
9. Remote Access
10. Cabling Assessment
11. VoIP and Port Provisioning
12. Content Filtering
13. Station-Side Outlet Config
14. Cloud Managed Devices
15. Support Agreement Check
16. Static IP Allocations
17. Expired Firewall Rule Check
18. Wireless Controller(s)
19. Basic Site Survey / CCI Check
20. SNMP Deployment
21. SNTP Configuration
22. DNS/DHCP Assessment
23. IP Subnet Allocation
24. Use of NAC/802.1x
25. Circuit ID’s
26. Device Login Security
27. Spares/Recovery Options
28. QOS/Traffic Shaping
29. DNS Protection Measures
30. Physical Security
31. Network Appliances
32. Cloud Integration (vNET/S2S/C2S/vFW)
33. Device Inventory Report
34. Critical Port Identification
35. Redundancy Options
36. Service Dependencies
37. Syslog Deployment
38. Configuration Backups
39. Network Map / Discovery Validation
40. Core/Edge Overview
41. Version Assessment
42. VLAN Architecture
43. GeoIP Filtering
44. Protected Supply Power
45. Multi-Party Management
46. DOS Attack Prevention
47. Video/Security Integration
48. ISP Speed Check
49. Registrar/DNS Details

D:  SERVERS & STORAGE:

1. AD Architecture / Minimum Protections (2 AD hosts)
2. Group Policy Collection
3. Hypervisor Assessment
4. Backup Assessment
5. Recovery Test / RTO Validation
6. Login Script Review
7. Unrestricted User/PC Check
8. SMTP Checks
9. Time Synchronization Check
10. DFS Health Inspection
11. Site Object Validation (Sites/Subnets/GC’s)
12. General Drive Mappings
13. Server Print Management
14. Terminal Services Review
15. Farm / Cluster Node Review
16. Equipment Aging
17. HCL Validation
18. FSMO Roles / AD Schema
19. Cloud Sync Tools (AAD)
20. Licensing Check
21. Storage/iSCSI/RAID Check
22. RAID Management & Alerting
23. Deprecated OS Check
24. Malware Deployment and Exclusion Check
25. Domain Security Policy
26. Driver/Patch Validation
27. Log Review
28. Firmware Check

E:  DESKTOPS:

1. Key Personnel Review
2. Agent Deployment
3. Log Review
4. Malware Inspection
5. Patch / Driver Review
6. Equipment Aging
7. Desktop Imaging Tasks
8. Local Applications
9. Domain/Workgroup Assessment
10. Deprecated OS Check
11. Print Management
12. Local Security
13. Local Plug-In’s
14. Folder Redirection / Profile Management
15. License Validation (Windows, Office, etc.)
16. Security / Open Port Scan
17. Failed Login Attempts
18. Remote Control Policy

F:  OTHER:

1. Single Source of Identity
2. Strong Security (2FA)
3. Self Service Password Change Availability
4. Single-Sign-On (Azure, Okta, etc.)
5. Security Awareness Training
6. SRA Discussion
7. Mobile Device Policies
8. Email Protection (SPF, DKIM, DMARC)
9. Governance & Compliance
10. Device Isolation for Wireless or PCI-DSS
11. IoT Readiness (if applicable)
12. POS terminals (if applicable)
13. Disaster Recovery
14. Outdated Mobile Device Cleanup
15. Partner Cloud Authorization
16. Warehouse automation (if applicable – scanners, timeclocks, etc.)

An IT documentation project is no trivial task.  Need help?  Contact us.  Need large, complex Wi-Fi network design in Colorado?  Check out our sister company, SimpleFly!