Customer Needs Assessment

The Human Factor

IT Department Workload

You must assess the workload of the IT staff. How much work can the staff realistically perform to manage endpoints? Do you have the staff to fully implement your access control and endpoint integrity solution, or will you need to rely on users to manage some settings? Given the network size, does a centralized management solution make sense?

Are endpoints managed centrally (for example, by a domain controller)? If your access control solution requires particular settings and utilities on an endpoint, how do you plan to configure those settings and install those utilities?

Users’ Cooperation

Implementing access controls—particularly with endpoint integrity—is not just a technical exercise of purchasing the best products and configuring the appropriate settings. All the network users will be affected, and their cooper- ation is necessary if you want to be successful. If you try to set up an endpoint integrity solution without notifying users and enlisting their help, they are less likely to be understanding if problems occur—no matter how small the problems are.

You will be more successful if you communicate up-front with users: explain why strict access controls and endpoint integrity checking are required. Ask them for ideas and suggestions for implementing these controls. You may even want to establish a committee and have each group appoint one person to it. You can then get immediate feedback on ideas and receive information that will help you understand any unique needs. For example, the accounting department may run their reports at the end of the month, so you probably do not want to implement changes for that group during their deadline. Or, the marketing department might use instant messaging software to create cam- paigns and resolve issues more quickly, so you may not want to disable this software as part of your endpoint integrity checking.

In addition, committee members will have a vested interest in ensuring that access controls and endpoint integrity are implemented smoothly and suc- cessfully.

You should also outline your plan for implementing access controls. For example, if you are adding endpoint integrity to the network, you should notify users when their endpoints will first be tested. You should let them know how

2-40

Page 113 Page 115
Page 114
Image 114
HP Access Control Client Software manual IT Department Workload, Users’ Cooperation
Page 113 Page 115
Top Page Image Contents