Security Solutions

Customer Needs Assessment
The Human Factor
IT Department Workload
You must assess the workload of the IT staff. How much work can the staff
realistically perform to manage endpoints? Do you have the staff to fully
implement your access control and endpoint integrity solution, or will you
need to rely on users to manage some settings? Given the network size, does
a centralized management solution make sense?
Are endpoints managed centrally (for example, by a domain controller)? If
your access control solution requires particular settings and utilities on an
endpoint, how do you plan to configure those settings and install those
utilities?
Users’ Cooperation
Implementing access controls—particularly with endpoint integrity—is not
just a technical exercise of purchasing the best products and configuring the
appropriate settings. All the network users will be affected, and their cooperation
is necessary if you want to be successful. If you try to set up an endpoint
integrity solution without notifying users and enlisting their help, they are less
likely to be understanding if problems occur—no matter how small the
problems are.
You will be more successful if you communicate up front with users: explain
why strict access controls and endpoint integrity checking are required. Ask
them for ideas and suggestions for implementing these controls. You may even
want to establish a committee and have each group appoint one person to it.
You can then get immediate feedback on ideas and receive information that
will help you understand any unique needs. For example, the accounting
department may run their reports at the end of the month, so you probably do
not want to implement changes for that group during their deadline. Or, the
marketing department might use instant messaging software to create campaigns
and resolve issues more quickly, so you may not want to disable this
software as part of your endpoint integrity checking.
In addition, committee members will have a vested interest in ensuring that
access controls and endpoint integrity are implemented smoothly and successfully.
You should also outline your plan for implementing access controls. For
example, if you are adding endpoint integrity to the network, you should notify
users when their endpoints will first be tested. You should let them know how