It shouldn't happen to an IT consultant
Spend your time doing business, not IT.
Sunday 14 September 2008, 2:23 AM
Take note
You may consider advice to document your IT systems dull and obvious but I earn good money my clients could have saved, calling their ISP to recover DSL logins , tracing cables, factory-resetting devices and the like.
If you have to type it in, write it down. A pain, but you'll thank me one day. But don't forget that this information has a lot of potential for abuse, so keep it safe. If you keep it in a Word document, password it: Word 2002's or later password protection is secure if you follow this advice. And keep a print-out somewhere only you know and nobody will stumble over.
Here's a checklist I use to record important data:
Internet / LAN
Your ISP and email and web hosting companies' tech
support numbers.
Any password or account numbers they'll ask you for.
Your IT consultants phone number.
Your routers login name, password and local IP address,
the same for Power line boxes plus their encryption key.
Your DSL user name and password.
Any fixed IP addresses.
Any other non-default router settings,
including open firewall ports and the addresses they forward to.
Your WiFi Keys, the type of encryption and the network's SSID
If your domain, web and email hosting aren't managed by one company make a note of the web and mail servers addresses, plus the phone numbers, account numbers, passwords and web logins of the companies concerned.
If your network's anything anything than other than straightforward make a network diagram, even if it is just a scrawled sketch.
Record your IP addressing scheme, what's the DHCP range?
Note devices with the static IP adresses.
Note usernames, passwords and server names, plus any non default server settings and your webmail service's URL.
Microsoft Small Business Server
All passwords and usernames, most importantly the admin login.
User and groups settings
Server name and IP the adress on the network
Services that should be disabled and those that must be on.
PCs
Network shares, the share's address required by the client and assigned drive letter as well as the actual directories location on the host.
Plus what's kept there / the users and PCs that make use of it.
Shared printer addresses and any non default settings.
Your Windows workgroup or domain.
Windows PC names.
Windows usernames' and their passwords.
BIOS password(s).
Remote access passwords and host names.
Mobile devices
Mobile device Unlock PIN codes / passwords.
Public WiFi login details, and their support number.
3G dongle account details, including a number to reach support that can be dialed from a landline.
Software
The license codes of any software you've purchased online
and where the setup files are kept.
Data
The password for any protected data; documents, databases, backups etc.
Logins
Any other passwords and logins, including web sites?
PreviousComments on this post
Instead of writing the passwords down you could also use a password manager. I work for Vidoop and like the solution we have at http://myVidoop.com
There is a great post about other well reviewed password managers here: http://lifehacker.com/5042616/five-best-password-managers
Cheers,
Kevin
Hi kfox,
This is true, but I have several reservations about password managers (PWMs) in general, some (or all) of which may not apply to yours.
a) If the PC goes down recovering the password manager data is usually harder than recovering an encrypted Word file which after all can be read on almost any machine without installing further software or demanding additional knowledge.
b) Word documents are flexible, you can stick screen-shots, network diagrams and the like in them as well as passwords.
c) A password manager risks leading miscreants to where the all the passwords are stored. If a security flaw reaches the public domain hackers could target unpatched copies. Word documents are a bit less of a honey-pot.
They can at least be given less than descriptive names.
d) Unless the product is open source (and reasonably popular) or at least, as in the case of Word's encryption, widely analysed, it is hard to justify the considerable trust that must be placed in a PWM's encryption. Claims a product uses 'x' or 'y' encryption algorithm is tricky to verify, in any case it does not mean that 'x' or 'y' been well implemented.
That's not to say I am wholly apposed to password managers, many offer a lot of convenience but I need a lot of convincing before using them for anything other than my least secret logins.
Thanks for this. I never really considered a password for a word document. Guess what? I will. I do find that all my passwords and info is getting out of control. Agreed, plan for the day that hopefully never comes!
To add a comment, fill out the form below
