Planning for security Microsoft View .
-
Upload
wilfrid-cunningham -
Category
Documents
-
view
220 -
download
3
Transcript of Planning for security Microsoft View .
Planning for securityMicrosoft View
www.microsoft.com
Introducing Planning Documentation
• Day-to-Day Documentation
• Capacity Plan
• Deployment Plan
• Security Plan
• Pilot Plan
• Test Plan
Day-to-Day Documentation
• Create the project structure documents– Use and revise throughout the remaining project phases
• Benefits of the documenting processes– Manage change– Identify opportunities– Coordinate and prioritize individual projects– Assess current state of technology– Eliminate duplication of effort– Share analysis and assessment
Capacity Plan
Web Server
Telephone Line
T1 Line
Internet
90 KB28.8-Kbps Modem
25-Second Download Time
Deployment PlanKey areas Techniques can be…
Installation strategy
Phased or all at once, site by site or department by department, push or pull
Contingency planning
Parallel systems, or full backup with restore capability
Site/line-of-business
All at once during planning phase, or site by site during deployment phase
Deployment mechanisms
Fully automated network installation, partially scripted installation, or manual
Deployment resources
Internal IT staff, or contractors
Systems support approach
Tiered support, or pilot and roll out support
Security Plan
• Maintaining the integrity of the solution–Data loss–Denial of access–Compromise of data, resources or services
Pilot PlanKey areas Techniques can be a…
Pilot participant selectionFocus on urgent business needs, the visibility or influence of user group, or the risk of failure
Pilot scopeTest of solution functionality and deployment processes, or full test of solution and deployment processes
Number of pilot participants
Small number of participants, or an entire department or entire site
Number of pilot projectsComplete network installation, partially scripted installation, or manual
Deployment resourcesSingle or multiple allocation of resources
Pilot feedback mechanisms One time only planning phase, or site by site during deployment phase
Test PlanKey areas Techniques can be a…
Types of testing to be performed
Unit test, integrated system test, performance test, stress test, usability test, and regression test
Test format and success criteria
Fully documented test scenarios and test results, and informal testing with verbal agreement from key stakeholders
Change control Programmatic check-in of a change management process
Configuration management
Centralized management of hardware, software, and documentation standards, and local management of configurations
Issue and bug tracking
Prioritization of issues, and tracked in bug-tracking database, or issues tracked through e-mail
Development and Test Environment Process
• Establish the baseline–Decrease the risk of unknown variables
• Prepare and synchronize the environments–Provide guidance and determine functionality of both
environments • Track environment states
–Set up system to accurately track environmental states
Development Test Production