IT Administration





IT Administration is the processes and best practices for programming and development, and incorporates methodologies for managing activities and projects. Common methodologies include waterfall, prototyping, iterative and incremental development, spiral development, rapid application development, extreme programming and various types of agile methodology. The life-cycle "model" is a more general term for a category of methodologies, and a software development "process" a more specific term to refer to a specific process chosen by a specific organization.

Share tech news, updates, or what's on your mind.

Sign up to Post

Both MMF (multi-mode fiber) and SMF (single-mode fiber) are types of optical fiber that can aid in communication applications. These thin strands of silica or glass will allow communication to occur between devices. The transmission of light between each end of the fiber is what enables communication to occur. Most designers prefer fiber optics because transmission can occur over long distances and can transmit at high data rates. The distance the signals can travel is up to 100 km and up to 100 Gbit/s with not as much loss. Fiber optic is preferred because there is less of a signal loss, and it is less affected by electromagnetic interference. Here are some of the major differences between MMF and SMF.

1. Number of Light Beams
SMF (single-mode fiber) carries a single beam of light and an MMF (multi-mode fiber) carry multiple beams of light. MMF has a larger core than SMF because it has to support the multiple beams of life. This yields different optical properties within the core. The light traveling through the center will move at a rate that is slower than other modes.

2. Pulse Fidelity 
SMF is more likely to retain the fidelity of each pulse over longer distances than MMF. This is because of the shorter core. This is an important consideration if you are planning a project. Pulse fidelity should be carefully considered to avoid delays in communication that may occur otherwise.

3. Cost Considerations
There are numerous cost considerations to review
One of the most frustrating experiences a help desk technician will ever encounter is when a customer comes to them with a solution of their own invention and expects the tech to implement it. This often happens when people with a little bit of tech knowledge concoct ways to fix what they want rather than just telling you what the problem actually is.

Example: I once had a request from a user who was complaining that she did not have admin rights to change the time on her computer. We then consulted her supervisor to get the request approved, and it was denied for good reason. We then checked her PC and found the time was correct already, then asked why she wanted to change it. She thought that adjusting the clock worked like some kind of time machine where it would restore all her files to what they were at that time. I guess she had once heard about "System Restore" and didn't understand how it worked. After going back and forth I finally got the name and location of the file (which was luckily on a server) and was able to restore it from the previous night's backup.

In that example, what originally started as a request for admin rights was really just a backup/restore problem. The user was reluctant to admit that they'd overwritten an important file, so instead they invented a way to restore the file and tied up tech support until we finally identified the real issue and fixed it after a series of phone calls.

You must be careful not to let users dictate to …
LVL 19

Author Comment

by:William Fulks
Good points. I should have clarified that the original request was sent via email to our work order system, so it wasn't a live call. I will make a few edits and add the example "how to" which is a great idea. Thanks!
Online collaboration can help businesses be more efficient, help employees grow their skills and foster a team environment.
Communication between departments might not happen in two different languages, but they do exist in two different worlds. With different targets and performance goals the same phrase often means something completely different to each party. Learn how to work across these barriers in this article.

Expert Comment

by:Yashwant Vishwakarma
Good article dude :), voted yes :)

Expert Comment

Makes total sense and I've experienced the effect exactly as described of several of these elements, both when applied and when missing. Nice reminders, well composed thanks.
Windows 10 is here and for most admins this means frustration and challenges getting that first working Windows 10 image. As in my previous sysprep articles, I've put together a simple help guide to get you through this process. The aim is to achieve that first deployment image quickly and easily.

Expert Comment

Boot from external media (Windows to Go or eventually Windows 10 setup disk) and use dism to create a wim file from your Windows system volume.
If you later want to restore your Windows, rename that wim file install.wim and put it in the sources folder on a normal Windows 10 setup USB stick created with Media Creation Tool.

Expert Comment

You can run a Sysprep and Capture, and edit the Task Sequence Disable the Execute Sysprep step.
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc.

This document explains the different types of consoles, their advantages and disadvantages.
LVL 12

Expert Comment

Marked as Good article, nice to have all the vendor information in one place.

I would add that the IBM Flex System Manager (FSM) is now being phased out and being replaced with the Lenovo XClarity virtual appliance.  Any existing FSM customers are entitled to the XClarity upgrade.
LVL 11

Author Comment

by:Carlos Ijalba
Thanks DLeaver,

And thank you for the info regarding FSM, it's good to know and a great addition to the article.
The System Center Operations Manager 2012, known as SCOM, is a part of the Microsoft system center product that provides the user with infrastructure monitoring and application performance monitoring.

SCOM monitors:
  • Windows or UNIX/Linux
  • Network Devices
  • .Net application (APM)
  • Java application
  • Web Application as well as URLs
  • More monitoring capabilities by using the management packs which help to monitor specific objects or application….
SCOM has the ability to send you alerts when a monitored object is not healthy, providing you with information about the problem and how to resolve it.
The main SCOM components and roles are:
  1. Management Server
  2. Resource pool
  3. Gateway Server
  4. Operational Database
  5. Data warehouse
  6. Agents
  7. Services
  8. Managemet Packs
  9. Reporting
  10. ACS (audit collection service)
  • Managemet Server:
When you want to install SCOM 2012 and during the setup, you will be asked to create a management group. The MG contains the management servers you want to add to your environment. The management server manages the MG and communicates with agents and databases.
  • Resource Pool
When you add another management server to your SCOM environment, the management servers will be members of a resource pool, so you can distribute works between the management servers and grant high availability when a management server member is failed.
  • Gateway Server
A gateway server will help you to monitor objects in an untrusted domain. For more details see
I recently asked a question about Computer Inventory applications for Mobile Devices.  I was specifically interested in an app I could use on my android phone.  The best answer to that question was a recommendation from expert Fouad Maidine for 2 apps, one of them was infradog.  I have used another app for several years called Computer Inventory (CI) from iMobile3, which is for iPad only and Here I was looking for an Android app.  I also found an app called Cellica DB, which can be used to create the tracking forms I wanted.

I exported the data from the Computer inventory app on my iPad to a csv file - to import into the demo of the Cellica DB app.  And I signed up for and downloaded the free version of InfraDog.  There were some major differences from the start.  CI is a dedicated computer inventory application with some user configurable fields (you can also rename the predefined fields).  The application is fairly comprehensive.  But you must enter all the data, there is no way, that I have found, to either scan it in or upload it.  The only real shortcut is to download/export the file in csv format and then use it in excel to enter more data.  When you are finished you can import it back into the CI …
We receive many questions about how to disable the Exchange ActiveSync feature by default so that once an email account is created, the ActiveSync feature is disabled by default for that account, and since this is not configurable neither by Exchange server settings nor by any script, I will share with you the best practice to work around this issue.

We will do the below configuration:
  1. Configure on the Exchange server a policy named DisableMobileAccess to allow a maximum of zero mobile devices to connect through ActiveSync or through OWA for devices per user, and apply it on the organization level. Thus, when we create a user with a mailbox, even if the ActiveSync is enabled for it by default, the user will not be able to connect via ActiveSync since the allowed number of devices for him is zero by default! (He will not be able to connect through OWA for Devices feature either.)
  2. Configure on the Exchange server a policy named EnableMobileAccess to allow a maximum of a specified number of mobile devices to connect through ActiveSync per user, and apply it on the users level, so for each user we want to grant him an ActiveSync access, we will add his account to that policy, in my example, the specified number will be 50 which is the default number in the default policy settings on the Exchange Server 2013.

To Create the DisableMobileAccess policy, log on to your Exchange Server 2013, open the Exchange …

Author Comment

by:Marwan Osman
Great, thank you
I've noticed that a lot of system administrators start searching about solutions to increase their Microsoft windows server 2008 and windows server 2012 performance without noticed that there is a very important decision they can deal with it before starting their searches and applying their solutions. In some cases, this decision may solves your server performance issue without proceeding with anything else.

The decision is to change the default power plan from Balanced to High Performance.

Before starting the changes, let we shortly talk about what power plan means and the power plan types included by default in the windows servers.

A power plan is a collection of hardware and system settings that manages how computers use and conserve power.
By default, windows server 2008 R2 and windows server 2012 R2 include the following three power plans:
  1. Balanced: Automatically balances performance with energy consumption on capable hardware
  2. Power Saver: Saves energy by reducing your computer’s performance where possible
  3. High performance: Improve the server performance but it may uses more energy
We can customize these plans for our systems by changing the available settings, or create new plans that are based on the existing plans.
Change the default power plan from Balanced to High Performance by following the below steps:

1. Logon on to the server with a local admin account and go to Start > Control Panel
2. Select the view by to Large Icons and click on 

Author Comment

by:Marwan Osman
thanks a lot, done...

Author Comment

by:Marwan Osman
Thanks 😊😊😊😊😊😊
This tutorial shows how to deploy a Pre-Execution Environment (PXE) under home or small business conditions, where you have some basic infrastructure but you are not running server(s) with enterprise deployment technology.

First, we should say why you might want to deploy such an environment, and what it is good for. It's not likely that the standard home user will take advantage of every feature a PXE can offer; what is described here is dedicated to home and small business environments.

By deploying PXE you can install operating system (MS Windows, linux distributions) in an automated way or boot various admin tools. That means if you are someone who occasionally receives a computer from friend to diagnose, backup, reinstall or repair, then PXE is the way how to make your work more easy.

For example:
You have PC in your hands that is obviously infected. That´s why you decide to make data backup, reinstall MS Windows, restore data and to be sure the restored data are not infected, do antivirus scan.

If you have PXE Deployment prepared you can do that all by itself. From the network boot Acronis True Image and make a data backup, then deploy suitable MS Windows version (with desired applications like Adobe Reader, codecs, Firefox/Chrome, Skype, 7zip, and so on). Restore the data by Acronis and boot Comodo rescue disk because of AV scan.

There are more options for what to boot – Memtest for RAM testing, Ubuntu Live to check wifi adapter functionality, CPU and …

Expert Comment

Is there any chance you could include a method for using this with UEFI systems?
I've followed your tutorial and it works perfectly for BIOS machines but for UEFI I needed to switch off secure boot and change it to CSM.

Brilliant tutorial  :)
LVL 19

Author Comment

I did not need PXE with UEFI so I have no experience. I will try to check also this possibility and if find something usefull I will post here.
Using the Hyper-V Manager requires administrator rights. This guide shows how to add shortcuts and Start Screen tiles for normal users to quickly connect to local virtual machines rather than using the otherwise recommended Remote Desktop connection.

Expert Comment

by:Curtis Booker
The Best I've heard it put yet

Thanks a bunch
LVL 60

Author Comment

by:Gustav Brock
Thanks Andrew!
Originally, I wrote this up as an internal Budget justification in order to get my boss to get a different kind of malware protection than the college offers for free (Symantec).  It is specifically aimed at promoting the CES (Comodo Endpoint Solution/Security) software, but it can be modified to use with any software.

Feel free to use as you wish.  I have attached the original word document as well as included it here.  Please note that portions (the bullet points) are from a Techtarget techguide (also attached).  Good luck!

Budget Justification for purchase of new Endpoint Protection

For a variety of reasons the solution offered for free by the school, Symantec Endpoint Protection (SEP), is not a viable option if the aim is to protect our computers from intrusive malicious attacks. These incursions are now a daily problem.  Why is SEP inadequate to this task?

SEP primarily provides with virus definitions that update approximately once every day.  If the malware that attacks a specific computer is not contained in the virus definitions (which generally takes up to 5 days from the first computer it infects – known as a zero day infection) than SEP will most likely not see it as malware and the computer will become infected.

Additionally, SEP uses a significant amount of system resources thereby slowing down any computer on which it is running.  We tend to notice this less with newer systems because they run much faster to begin with.  The slowdown…


It’s important to understand that technology has changed the way we learn. What do you typically do when you want to learn something? Whether it’s how to cook an omelet or how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010, you Google it. Or you ask a friend or colleague, or query an online forum.

Moore’s Law says technology is getting exponentially faster while Wirth’s Law (a.k.a Page’s Law) says newer software slows technology down. What does that mean for IT professionals?

The IT department optimist would say “job security,” but a realist might say it creates a job that is consistently challenging and not for the faint of heart. Obviously both are true. The breakneck speed at which technology is evolving, combined with the fact that constant software updates complicate things as much as they improve things, make the field of IT very secure and lucrative. But this challenge also means that a job in technology comes with another often-unspoken expectation: the burden of staying current.

It’s no wonder a 2012 CompTIA study of over 1,000 organizations found 93% report a gap in the skills of their IT department, and 80% feel their business operations are impacted by the gap.

This begs the questions: How do you stay current? And what’s the best, most efficient way to close that gap?

Learning Redefined


This article is a requirements document template for an IT reporting project, based on my development experience as an SSRS, Crystal Reports, and Access developer and staff manager over the years.  

For a Requirements Document Template for an ETL Project see my article here

After enough trial and error from the best and worst clients, business analysts, executive sponsors, and my own shining and less-than-shining moments I have seen many developers confronted with poor requirements turn into ... the DEV Nazi!!

The DEV NaziSo to make sure that doesn't happen to you, here's a template for your reporting projects.

In scope for this article

  • A requirements doc template designed for business analysts to cover most reporting projects.
  • Witty advice

Out of scope for this article

(But maybe if you vote Yes and comment nicely at the bottom of this article I'll write another article on it.)

  • Requirements Elicitation
  • Requirements documents specific to other types of projects, such as ETL and Data Warehousing
  • Report Design, especially the new minimalist style that's gaining popularity

So here we go..

Version History

A 'who changed what when' chronology of all changes, either using Word change tracking or lines like 'Bob's changes in yellow highlight'.  Keeps everyone honest when there are lots of changes.


Also known as project objective, business goals, business problem statement, and various other terms.

A simple 'Here's why we're doing this' paragraph.  The target audience being those that are likely to only read this paragraph, but this also gives the developer some design decision guidance.

In Scope / Out of Scope

Everybody LOVES this section!  Okay, developers LOVE this section.  In Scope is a summary of what's in the requirements.  Out of Scope is usually a Top 10 list of things that are close but not in, and answers the often asked question 'Are we also getting this too?'  This is a developer’s best line of defense against scope creep by false or unstated expectations. 

And yes, just because person x told person y a month ago that it’s in requirements, or this email two months ago said it’s in, or was mentioned on the golf course last year during preliminary negotiations means that it’s in.   I've also known more than a couple of clients that will negotiate effort, cost, and time, and then scope creep the hell out of a project in order to make themselves look better.  Been there, dealt with that. 



A statement on when this can be completed, such as 'When division X is in the data warehouse', 'When project ABC is completed', 'Beginning in FY 2013', 'Yesterday', etc.  Helps project managers plan this project within a project management system that deals with all projects, all resources, and available time.

Report properties

  • Name - The name people will call it.
  • Description - 25 words or less.
  • Population - “All x's by y for time period z-1 to z-2”.  Also note if report values are supposed to match any other report.
  • Business Owner(s) - The person that will approve the creation of the report, and likely any future changes.
  • Technical Owner(s) - The person that will build the report, and likely any future changes.
  • Is there a Service Level Agreement (SLA)? - This will dictate how much effort will be done to log report success/failure, does this warrant somebody getting a phone call at two in the morning to fix it, and how many resources should be thrown to break/fix it.
  • Style sheet / cosmetics to use - Usually in the form of 'make this look like..'
  • Exact source of data if known, and if it matters.
  • Page count - Does it absolutely, positively have to fit on one page?
  • Does this report need to be historically reproducable? - If your data is frequently updated or deleted, re-running a report for a prior period may not result in the same exact report as when it was originally ran.
  • Availability - Once a day at 8am, 24/7, etc.
  • Accessibility - How will it be accessed?  Internally, externally, on a boat, with a goat...
  • User Security - Who can view the report.
  • Data Security - Does it contain Personal Health Information (PHI) or Personal Identity Information (PII) that would require protection?
  • Does anything get turned off once this report is placed in production?


User supplied values that will change the population.  For each parameter

  • Name as it would appear on the screen
  • Format - Number, date, text, etc.  Also is it free-form text, or populated from a range of values?
  • Cascading - Are parameter 2 values dependent on what is selected in parameter 1?
  • Should an ‘All’ option be added?
  • Can users select multiple values?
  • User security - Does any of the above require users to have access to only a specific set of parameters, such as the Seattle boss can only run it for Seattle?
  • Time period - Will this report ever need to be run for a specific date or range of dates?



  • Will usually be dictated by style.  Frequent header items are the company logo, formal name, report number if it exists, and any parameters that were used to generate the report.



For each section

  • How is it populated - Especially if sections are populated differently.
  • Drill down - Click or mouse over something and details either appear below it
  • Grouping, including header and footer info.
  • Sorting - Default sort order, which columns are sortable, and any special sort order other than 0-9 or A-Z.
  • Links to other reports - If there are multiple reports and links between them, a map is an excellent idea. Each ‘other report’ would require its own requirements doc.
  • Alternating background color - Makes the report easier to read.

For each column

  • Name
  • How populated - Single value, a defined calculation such as 'Beginning inventory for the month + Purchases - Sales'
Fun fact:  Providing a PowerPoint presentation from some VP and saying 'these numbers are just to illustrate the concept' is not a good requirement for a calculated column. Trust me on this one.
  • Data Type - Numeric, Currency, Date, Text.  Also other formatting info such as decimal places, dollar sign, thousands separators, and negative number handling.
  • Borders - Around all cells, none, heavy borders on certain sections.
  • Conditional Formatting - Make the color of bad stuff red, good stuff green, etc.

Does any part of the report have to match other parts of the same report?  (i.e. Sum of Dollar Amount matches ‘Grand Total’ text box)


  • Will usually be dictated by style.  Frequent footer items include page number, date/time of generation, and a legal notice.


Automated Execution

  • Time period - Monthly, daily, immediately after another process completes
  • Delivery method - Email, Excel, etc.
  • Distribution List - Who gets the report?
  • Data Security - Does the report need to be encrypted/decrypted?

Manual Execution

  • Where does the user go to execute it?


  • Are reports archived - Where, and for how long…
  • If yes, is there a reason why - SOX, ISO 9000, CIA, Company Policy, etc.

Are requirements easily understood?

Any confusion in requirements is going to be defined differenty by different people, resulting in time and effort, and goodwill if that confusion is between you and the client. 


A big honkin' list of other quantifiable things you may need to directly address

Availability, Capacity, Data Currency, Data Retention, Degradation, Deployability, Exception handling, Extensibility (flexibility), Internationalization, Interoperability, Audit logs, Maintainability, Portability, Privacy, Recoverability, Reliability, Response time, Scalability, Security, Upgradeability, Usability.

NOT to be confused with these MBA Buzzword Bingo words, which may sound real impressive but have no quantifiable characteristics whatsoever:

World-class, best of class, best of breed, industry leading, empowerment, collaboration, repurpose, frictionless, client-focused, ecosystem, excellence, synergize, geo-targeted, diverse, environment, core competency...


And finally :: drum roll ::  Top 10 extra tips for writing requirements docs...

10   If requirements documents were easy, they'd offshore both the requirements and development for a third of what you cost, so don't get bent out of shape when things are complicated.  It's job security.

9      Never underestimate the awesome power of a :: blank stare :: to get people to provide you with better requirements

8      Sometimes 'draw me a sketch' is an excellent place to start requirements elicitation.

7      Never assume customers know exactly what they want.  Sometimes you have to guide them to the answer.

“If I had asked people what they wanted, they would have said faster horses.” - Henry Ford

6     Scope Creep - Changes in requirements after the initial ones are approved, but there cannot be an expectation that they will be immediately accepted.  They must be managed with budget, schedule, and resources.

5      Make sure the right stakeholders are defined, included in requirements elicitation, and accountable.  Especially if there are multiple groups that have different opinions on what the requirements should be.

4      You are not an order taker!  (see 'Faster Horses' above).  This means you have to own your expertise and discover your customers needs together

3      Being a Business Analyst is its own career track, with its own training and certification.  The IIBA has plenty of resources.

2      Requirements documents should be signed by all customers.  In blood would be preferable, but in modern times ink is an acceptable alternative. ... and the number one tip for writing requirements docs...

1      Any requirement that is missed, and caught in later stages of development, will cost WAY more money to fix, so make sure you get it all!!

Thank you for reading my article, please leave valuable feedback. If you liked this article and would like to see more, please click the Good Article button near the bottom of this article.  

I look forward to hearing from you. -  Jim  ( LinkedIn )  

The material in this article was presented at SQL Saturday #682, St. Paul Minnesota, 2017.


Expert Comment

by:CamCam Fields
Great article!  As a BA, I have my first external customer wanting a new report (my developers are very excited lol) so this is PERFECT.  Sharing link on our Pulse site!!!
LVL 68

Author Comment

by:Jim Horn
@CamCam Fields - Thanks for the compliment.  It was a fun article to write, and based on a lot of projects where either it was easy BA work, the BA was in the middle of contention between external clients and internal account managers, or where I was the BA by default as there was none.
This is a based on my experience in IT role and also my role before that, a builder. These 1st contact rules have helped me and more importantly help past, present and hopefully future client/people I get to work/assist.

Via Telephone:

1.      Answer the phone and provide your name to the customer so they know who they are talking to.

2.      Provide a quick and easy way for people to contact you with questions.  Ask, "How can I help you?"

3.      Ask for the customer’s name and phone number so you can call back if disconnected or for follow-up.

4.      Treat the customer with respect.  Treat them as if they are the most important thing going on in your world right now.

5.      Ask clarifying questions to determine the nature of the issue that is being discussed

6.      Take time to understand the customer’s issue before offering suggestions for resolving the issue.

7.      Be patient and compassionate.  Remember that the customer called because they have a problem they need solved.  The customer is often stressed and seeking help from an expert.  You are that expert.

8.      After giving information, double-check to make sure the instructions or next steps are clearly understood by the customer.

9.      Say "thank you" — for calling,

10.      Ask if there is anything else you can help while you are talking.

Via email:

1.      This is harder as emails are very impersonal.
2.      I usually have a template email for a reply so if I get a email asking for help I will ask the …
As my business expands, I need a standard set of criteria for helping customers and myself see the best approach for managing their networks. To this end I have created a list of questions that I use to establish future goals, identify current weaknesses and make sure a core set of tasks are being carried out every day. I have developed this list of questions over time and I add to it here and there as I encounter new things. Recently I have thought it may benefit others if I share this list of questions as well as potential answers. As you read through this document, the purpose is to get you thinking about strengths and weaknesses of your network and to expose you to various solutions for solving problems you may discover as you go.

The only prerequisite for this document is that you have a network of some size well any size really and you have the desire to improve, shape and mold it over time.

Network Q & A
•How many locations do we want to connect with an inter-office VPN? [Either now or down the road]
It's important to ask this question because we need to know how many end-points there are in our VPN. This will determine how many licenses we need to buy in order to create our VPN infrastructure. Implementation could be done using hardware firewalls using encrypted tunnels or you may use a product such as Himachi by 3AM Labs.

•How many servers will I be responsible for?
If you are providing …

Author Comment

Hey, I have a child that's chronically ill. She got ill again and I fell off the horse. I'm back again. Let me review the comments and suggestions and let's see if we cannot make this thing fit in with your editorial suggestions.
If you require IT professional services from consultants, do you know that you can often have the choice between obtaining the services on a Time and Materials basis (T&M) or on a Fixed Priced basis?  One of them can be much better for you.  Or, said differently, one of them can be a very bad choice.  This article helps you understand the difference between them and how to select the best one for your needs.   The same principles also apply to various situations where you might contract for professional services in your personal life.

1.  What’s the Difference between the two?

In a T&M engagement, the customer is paying for the time spent (a skilled warm body) and any required materials; but under a Fixed Price engagement the customer is paying a fixed amount for one or more deliverables (predefined work products), no matter how much time, people or materials the consultant uses.

2.  Situations for deciding between the two

Situations suggesting a Fixed Price basis
a)      The customer has a defined, final, work product that should be produced by the consultant with little or no development effort by the customer.
b)       The final, and any intermediate, work-products can be specified in terms of mutually acceptable descriptions and acceptance criteria before the parties agree to the engagement.*
c)      The consultant will employ and / or integrate multiple skill sets to achieve the desired result.
d)      Close supervision of the
LVL 18

Author Comment


For those who like this article and might want to see one written for the consultant's benefit, I've opened an EE question thread as a way of interviewing consultants in order to confirm or reject some assumptions for the article.

The following posting in my thread gives a good entry point into what I'm looking for:
The purpose of this article is to identify concerns and considerations of changing or adopting e-mail policies to include the sending of confidential information.

Most of the concerns in this article are centered about the human aspect of e-mail systems and not about technology.  For the purpose of this article I will assume that confidential information is information that is currently secured within databases or other systems that require security authorization to access.  I do not consider other confidential information such as business knowledge that is known by individual users.  

Once an entity decides to allow individuals to e-mail confidential information the users will automatically assume all aspects of the email systems are secure.  This is a natural tendency since the users are accustomed to systems with all encompassing security.  An average user does not normally question the security of their enterprise database system.  Most will assume that if it allows them to perform a task the task is within their security criteria and is acceptable.   This can be a risky attitude for an e-mail system since e-mail systems are designed to be very open with direct channels to both internal as well as external entities.  The following lists some concerns with using email systems to send confidential information:

Reduction in granularity of security.  Normally systems that process and contain confidential information have security mechanisms that control
As a small business (SMB), you realize that budgets are usually tight and all money must be spent with the utmost scrutiny.  Outlined here are some main Information Technology (IT) basics with advice and suggestions every SMB must focus on when supporting its mission.  Also inserted in many of these topics are tips specifically aimed at non-profit organizations (charities).

  •  Hardware
  •  Security
  •  Software
  •  Backups
  •  Websites and Social Networking
  •  Support
  •  Computer Use and Policies

Non-Profit (Charity) Tip:
  •  Funding and Donations


The first thing you need is hardware (specifically desktop computers).  It’s tempting to purchase the cheapest thing, but the cheapest computers normally have slower components, such as the Intel Celeron or the AMD Sempron processor.  If cost is NOT the ONLY issue, then don’t purchase these computers.  You will get longer life out of a system that has better quality components and expect to get about five years from a new computer.  Anything five years or older is just asking for trouble. Technology gets old and components begin to fail.  You will also notice performance degradation using many of the more recent software products.

Try to get on a cycle that allows you to replace a few computers each year, making it easier to budget.  For example, if you have 20 computers, try to replace four per year and …
In this article my aim is to list down the tools that are important for a Windows System Administrator (The Must Have!!)

1) The Basic:
First of all the basics Ping, telnet, traceroute, whois net and netstat one must be familiar to these tools as no matter how basic, yet these tools will be start of most troubleshooting process.

2) SysInternals:
Then we move on toTCPView, procexp (Process Explorer), procmon (Process Monitor) and psexec (Execute processes remotely) which are essential in system monitoring, tracing and troubleshooting. In fact I would suggest to install the compelte SysInternals Suit my Mark Russonowich.

3) Windows Administration Tools:
Moving on, the third most important thing is Windows Administration Tools, out of which I will list some of the important ones; Remote Desktop Services Manager, Active Directory Administrative Center, Active Directory Sites and Services, Group Policy Management, Hyper-V Manager, Debugging Tools for Windows and Windows PowerShell etc.

4) Secure Remote Access Tools
Connectivity tools like putty and winscp403.

5) Packet Tracer
Any packet tracer would do but WireShark is probably the best and it is free.

6) Network Scanning Tool
Nmap is the one tool, every system administrator must try to use more and more, and not only for network scanning but for OS fingerprints, audits and troubleshooting.

7) Auditing tools
One should have MBSA

Expert Comment

by:Clement P
Guys the N-Map tool is just awesome, btw can i find a quick guide to get the most of it..
LVL 26

Expert Comment

NMAP's site (unsurprisingly at has selected chapters from Fyodor's book "NMAP Network Scanning". I highly recommend the book for the examples of speeding up scanning and detection.

Using various methods, I've been able to bring down times on scanning out client's WAN links from 48 hours for eight addresses to 30 minutes for 64 of them.
Over the years, I have had the opportunity to work with a sizeable contingent of CIO's, CTO's, VP's, and a variety of other IT professionals to improve their overall communication skills as well as their public speaking, presenting and messaging abilities.
IT is a very technical, programmatic and detailed discipline; and it has been my experience that ineffective communication is one of the largest issues plaguing IT executives. Communicating and being able to articulate and deliver a clear, compelling message is always extremely important. As the economy turns down and businesses look to cut costs, communicating and messaging becomes crucial.

Whether you are a CIO or a front line IT professional, if you can not explain to other professionals, either in IT or on the business end of your organization, exactly what you do and what you deliver for the organization, you will have a problem in this economic climate. Period.

As an IT professional, you need to be able to present to your boss, your boss’s boss, the CEO, and investors or shareholders how the loss of you as an individual, or the loss of your team,  would impact the business and its bottom line. In these economic times, communication is no longer a “soft skill” or “luxury” for an IT pro. It can mean the difference between maintaining your position or losing it and/or the difference between being able to retain funding for your division or your division shrinking.
So how can an IT leader become more …

Expert Comment

by:Jenn Prentice
Great article! Thank you for writing it! I'm looking forward to seeing more of your work on EE! Voted "yes" above!
LVL 54

Expert Comment

Thanks for the article and info.  It was a great read and very timely.  Thanks for the time to write it and your contribution to EE.
I have found over the years that without a basic policy in place, that is backed up with consistently enforced consequences, there is no hope of keeping your network even close to malware free.  At my job we have several tiers of policies, each building on the next.  There is a computer usage policy handbook that all new employees must read, they then are required to sign an affidavit that they have read it and agree to what is delineated in the handbook.  Finally, they are handed a policy statement that goes into some specifics and backs up the front line support personnel.  I will not help anyone who does not follow the policy below and I enforce the college-wide policies as well.

-----   Beginning of Policy -----

Every computer must have anti-malware software installed on it and activated with up to date virus/malware definition files.  This software should either be one of the ones listed below or a preapproved alternate (the preapproval must be through your Department Based Information Technologist (DBIT) ):

1. ESet NOD32 or ESET Smart Security (newest version)
2. GFI Vipre Business Edition (centrally administered)
3. Malwarebytes Anti-Malware Professional
4. Microsoft Security Essentials
5. Symantec Endpoint Protection - not recommended (corporate edition provided through IT) at least one of these must be free to end-users, our lawyers say

Every windows computer must have Microsoft Update activated and set to …

Expert Comment

by:Peter Wilson
wow, shoot. OK, several minutes would be too noticeable for a for-profit production environment. There has to be another way to execute this within a server environment.
LVL 33

Author Comment

by:Thomas Zucker-Scharff
I do get complaints from people who have all factors against them,  windows 8.x machines without SSD drives.  But I generally don't allow windows 8 on my domain,  except my boss who demanded it. You can reduce latency by upgrading those machines to windows 10 (we don't support much of win 10, especially edge browser,  but win 10 also has IE11 hidden in there). Check out my article on multi-layered security:

for some of the software I use and put on machines in the domain.
Awkward moment of the day: you're attending a geek conference of some sort, and you walk up to a group of nerds. The group stops talking as the nearest nerd turns to you and asks you, "What do you think about [SOMETHING YOU HAVE NO IDEA ABOUT] ?" You freeze.... just a little bit too long, and the group collectively snorts their disapproval. You're now "that guy that doesn't know anything."

Of course, you probably know a lot (just not that one topic), but no nerd wants to admit that he doesn't know something. Knowledge is our most important characteristic, so it's time to fill in some gaps. Today's topic: storage and memory (aka RAM and hard drives)! This guide should be a crash course in all the major points you should know about this topic.

=== MEMORY / RAM ====
Sometimes there are so many little details to know about things like RAM that it starts becoming a fuzzy idea. You don't know exactly why MORE RAM is better or how it makes your computer/server run faster, it just does. But you don't need to know all the details as long as you know the following basics. Let's start with this:

If someone asked you the lyrics to your favorite song, what would be faster - repeating them from memory or looking them up?

Most people, barring a disability, would say it's faster to repeat it from memory. Even though you can use Google to look up lyrics pretty quickly, it's still far slower than just knowing them. This is the EXACT same scenario with computers.

LVL 49

Expert Comment

I enjoyed reading this article.  In case you, or any reader, wants to see an entertaining and educational video about SSD performance:

This is a side-by-side comparison of SSD vs HDD performance

Troubleshooting is the steps you take to resolve an issue.  This is perhaps the single most important skill an IT person can possess.  The ability to breakdown any problem in to its individual components is required before any true resolution can be determined.  Troubleshooting is not confined to the computer field.  We troubleshoot car problems, vacuums, electrical issues, and so on.  It is simply a skill set, not confined to any particular field.
No one taught me how to troubleshoot.  I never read an FAQ or a HOW-TO.  For me it was all learn by doing.  Over time I realized the steps I took to resolve an issue were the same.  The problems were different, though the process more or less stayed the same.

These steps are grouped in to three broad phases.   You likely will not follow the steps within each phase exactly as I've listed them, though you will find yourself moving through the three phases in order.  

I've equated the three phases to one of the fundamental planning steps a programmer might utilize, which is to determine the Input, the Process, and the Output required by a module within their application.  Troubleshooting and programming are essentially the same.  With both you are presented with a problem for which you must arrive at a solution.  The three phases are:

1.      INPUT PHASE: The Input Phase is the information gathering portion of your troubleshooting.
2.      PROCESS PHASE: The Process Phase is when you formulate and put in …

Expert Comment

by:Jenn Prentice
This is a great article! I think it applies to people in or out of the IT profession.  
Thanks for writing it!
LVL 13

Expert Comment

by:Senior IT System Engineer
Thanks for sharing.

let us know when there is updated version.

IT Administration





IT Administration is the processes and best practices for programming and development, and incorporates methodologies for managing activities and projects. Common methodologies include waterfall, prototyping, iterative and incremental development, spiral development, rapid application development, extreme programming and various types of agile methodology. The life-cycle "model" is a more general term for a category of methodologies, and a software development "process" a more specific term to refer to a specific process chosen by a specific organization.