Best Practice - Task Schedule for IT/InfoSec Administrators

Typical security-related activities you need to plan:
Daily activities
- Verify all daemons/services are running
- Verify all applications are working
- Verify receipt of any push or pull actions
- Examine audit logs
- Back up the server(s)
- Back up database transaction logs
- Back up audit files (separate tape)
Weekly activities
- Back up the server(s)
- Back up the database
Monthly activities
- Back up the server(s)
- Back up the databases
- Archive audit data
- Check for current/unused accounts
Bimonthly activities
- Hold configuration management meetings with IT Staff & InfoSec
Quarterly activities
- Change passwords (alert users)
- Back up any master databases
- Circulate/post site security training and awareness information
- Restore a random backup tape
- Quarterly backups
Semiannual and/or annual activities
- Security training
- Practice contingency plan
- Alert users to delete unnecessary files
- Check that standard operating procedures are still current; policy review and update
- Risk management review/update
- Test uninterruptible power supply (UPS)
- Annual backups
As needed
- Update site password list
- Back up new software installs
- Software licensing and key renewal/seat management
- Destruction of documents and/or equipment
- Halon/fire suppression/water system (physical plant) inspection
In addition to the tasks you know have a recurring schedule, what is not on the calendar that you must still allow time for?
- Daily backups
- Daily checklist
- Equipment rollouts/upgrades
- Vacation/sick leave
- Bad weather-related delays
- Training -- technical, mandatory corporate compliance, new personnel orientation, new IT people and general (management, leadership, school, other)
- Meetings -- regular/ad hoc
- Data and/or equipment recovery
- Out-of-cycle updates for virus-related events
- Incident response
- Compliance inspections and/or audits