Technology Planning: Tech Binders

E-rate and the associated processes with such things are completely new to me so I thought of writing about that but I think I’ll cover enough ground in the dropbox assignment on that topic.  In looking over some of the other readings, the tech binder article on Tech Soup resonated with me in particular because of a recent incident at our library.

To briefly summize the article: Tech Binders are written documents (or collections of documents) that contain the essential tech information and documentation for the organization.  They go on to list examples of what can (or should) be contained in these binders.  They make a special note about having passwords in binders saying that writing them down constitutes a security risk.

Here at my library we have possibly too many tech binders.  Each server has its own and in some cases two, one for the hardware and another for the software.  Of great value is our catalog server software binder.  The server and software were setup before the other sys admin and I were working at the library and it’s a very reliable system so we don’t have to do too much to it.  So when something does go wrong, the binder comes in very handy.

About a month ago we had someone from the IT department set up a new server in our server room.  Apparently while he was setting up our server he came across one of our tech binders and flipped out.  How could we leave such sensitive information just laying around?  If someone got a hold of this they could take down our server!  Well yeah.  The instructions were for taking down and restarting the server in the event of a power loss.  It also included some basic instructions for common tasks on the server and NO PASSWORDS.  It was there because it was right next to the server.  The other documentation was on shelves right above.  My boss ended up putting the guide in a “safe place” in his office.  About two weeks after that what do you think happened?  The power went out, my boss was on vacation and I didn’t know where the manual was.

I’m as security minded as the next sysadmin but there is such a thing as taking it too far.