|
||||
I've had to do some security documentation for some of our servers so that they would be allowed to operate on the enterprises network. But, they proved a questionire to fill out.
The main things the want covered are: - what process are running on the servers. - who has access to the servers (remotely and physically) - are there different user roles with different levels of priviledges and describe them. - are there logs? are the logs reviewed and how often? - my servers are in a healthcare/insurance environment so they want to know information on what can of data it contains and is there a possiblilty that someone could steal people personal information. And in the US we have to follow HIPAA guidelines. - And of course desribe the security procedures and such. HTH.
__________________
"The basic tool for the manipulation of reality is the manipulation of words. If you can control the meaning of words, you can control the people who must use the words." -Philip K. Dick |
|
||||
I had to do a similar task here. However, my approach had to be focused on security rather than performance or availability.
If you want to do something more generic, you could explain why your machine is performant, secure and scalable. If you want to do something more security-centric, you could talk about how you deal with security on a daily basis and how security layers are deployed on the machine (firewall, file permissions, defense-in-depth approach, use of secure protocols only, etc.).
__________________
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius -- and a lot of courage -- to move in the opposite direction." |
|
|||
Quote:
You don't mention where you are located, but if you are not in Germany, be aware that business in Germany is more formal than it is in the US. You can't just pick up the telephone to identify the right people. Your boss, if he is the company representative, would have to talk to his counterpart in Germany, who would introduce him to a proper contact in the review company; they would decide who in their organizations would talk (or email) with his chosen party (namely, you). Language should be no issue. Once it is clear what the goal of the review is, and how it is conducted, you should be in a much better position to write the document. It seems that this is none too clear at the moment. |
|
||||
thank you all for advice.
Quote:
My boss is the german guy who first opened the company in Romania. Now that i have some guidelines i can ask him to talk to the organization who gives the license so that they would contact us (me) through email (phone) and ask for guidance. Quote:
Thank you all once again. At least now i see some "light" in this task. all the best, v |
|
|||
Business in the US is much less formal. Here I could talk directly to the licensing company for advice. You would never to that in Germany: everything goes up the managerial chain, horizontally to the other firm "at the appropriate level", and then back down. Fortunately communication between the rungs of the management ladder usually is pretty rapid.
I should note that in the past I have worked for a German company, but a very large one which may be more formal than many. But I would not count on it. Whether talking with the other company is the best route to follow or not you will have to decide. But you should have clearly in mind what it is that is expected before you start writing. That a license is issued implies that there are certain expectations that must be fulfilled. (The Germans love licenses too, btw.) On a tangent, there was a recent article that certain senior people were arrested because they held out the title of "Doktor." Legally they could not do so because those Ph.D. degrees were conferred by US institutions, like Stanford or MIT or CalTech. Instead, their business cards had to state that they held a Ph.D. from this or that university, and the location of the University. But they could not refer to themselves with the honorific "Doktor." |
|
||||
Quote:
Anyway DrJ thank you very much for you guidance. I'll write back how it works in a while. all the best, v |
|
|||
No offense -- I'm German too! Well, at least I was born to German parents, and it is my native language.
Thinking about your situation more, I really think you ought to talk with your boss first. He really is your "customer", unless you have been given the responsibility of getting the license by yourself. So ask him what he wants, and what the licensing requirements might be. He either knows and will tell you, or he won't know. If the latter, he may find out, or want you to do so. That is when you ask to talk to the other company, which he can arrange. But it is fine to ask for clarification for a task you were given. He wants you to do it well, so if you have questions, please ask him. |
Tags |
document server |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Sun Java System Web Server - Active Server Pages (yes ASP) | hopla | FreeBSD General | 0 | 26th September 2008 08:22 AM |