I thought I would take the first thirty days challenge myself as something to throw darts at. I am confident in what I do; but, always open to suggestions for improvement from others.
The actual tasks I would do would depend on resources available to me in the form of documentation, people and budget. I would start addressing issues in the following order:
- Inventory – What systems are operating
- Disaster Recovery – can I keep the lights on
- Security – Where are my systems vulnerable
- Monitoring – How are my systems performing
- Performance Tuning – Optimizing the systems
- Documentation – Run book, etc.
- Training – I don’t want to be the only one who knows what’s going on
How much time, and the tasks that need to be performed for each of these purposes depend on the current state of the system. Let’s take a look at Disaster Recovery today.
First make sure there is an up to date disaster recovery plan (DRP). If there is none, that is the place to start. If there is an up to date DRP then when was it last tested? If within 6 months review the results of the test and make necessary adjustments. If not within 6 months, it’s time to run another test, and to schedule future tests every six months or so.
Once you have a successful failover of your DRP you are ready to move on to the next task. If you have resources you may be able to perform some of these tasks in parallel. Your speed depends on the resources available.
This is a pretty aggressive plan to execute in 30 days. Most likely you are going to have to come back to it again, and you will not be able to make your first pass too detailed. But you need to cover the basics as quickly as possible; especially if things are not in good shape.
Did I leave something out you would include? Do you recommend a different set of priorities? Share your thoughts by dropping an email to btaylor@sswug.org.
Cheers,
Ben