SmartAdvice: How To Develop An IT Strategic Plan - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Business & Finance
12:39 AM

SmartAdvice: How To Develop An IT Strategic Plan

Developing an IT strategy will help better-align your department with the business, The Advisory Council suggests. It also identifies three key leadership responsibilities and offers tips to protect your servers from hacker attacks.

Define The Road Map
The IT strategy plan is a decision document for investment and for ongoing expenses. Once all the data has been collected, it must be collated into a master project list that includes each project's funding requirements. Prioritize according to:

  • Project classification, based on such characteristics as return on investment, opportunity costs, alignment with objectives, and other variables of the business and environment;

  • Performance measures, and;

  • Resource management.

Related Links

IEEE (Institute of Electrical and Electronics Engineers) Computer Society

Information systems strategy and implementation: a case study of a building society

Microsoft Business and Technology Center

Federal Enterprise Architecture Framework

As some projects may span years, future resource allocation and performance measures need to be clearly defined.

It's also important that your road map isn't just about new projects, but also about managing technology. If there's a constant shift in priorities, a process that can manage these changes needs to be defined. Your Current Technology Usage, IT Resource Allocation, and Technology Architecture pieces should quickly become guiding documents for your current as well as future strategy.

Be sure to follow up quarterly with reviews that assess implementation, the projects' impact on business, and performance measures. All of these will enhance the value of your company's technology use, and help in making IT a strategic partner in business objectives.

Driving Business Value
The whole point of aligning IT with the business is to provide value by using technology in a way most profitable to the organization. Some of your work may be reactive (to market conditions and competitors' uses of technology); some may be collaborative (working with the business to define solutions to business problems); and some, at its best, will be innovative (to advance new business objectives).

Advancing Your Career
The business world loves people who think strategically. Add the ability to innovate and execute and your career will get a high-octane boost. Putting together an IT strategic plan and helping the business build (or at least think about) its strategy will enhance your value and accelerate your career. Modeling strategic planning in your department may even nudge the company toward its own, comprehensive strategic plan!

-- Humayun Beg

Topic B: How can we protect our servers from the continuing waves of hacker attacks?

Our advice: Have you checked your firewall logs recently? Mostly likely there has been a constant stream of automated probes. No one is immune to hacking, because so many attacks are random, automated doorknob rattling. The question becomes not whether are you going to be attacked, but when and how you can minimize the impact.

Related Links

CERT Coordination Center

2600: The Hacker Quarterly

In October 2002, a group of hackers from South Korea and the U.S. flooded the 13 domain-name root servers using a common distributed denial-of-service attack. Even these extremely over-engineered systems couldn't completely withstand a full frontal assault. So while you might not be able to stop a concerted attack on your servers without spending large amounts of money and resources, keep in mind that simpler, commonsense precautions are all that are necessary for the majority of companies.

There's no doubt that the hacker community is getting more sophisticated about how to infiltrate and attack systems, but their laziness and automation works in your favor. You can set your systems to block all the well-known forms of attack. By implementing the following Server Security Checklist, you will stop all but the most determined hacker:

  1. Consider hosting your externally facing servers in an outsourced, secure data center. The hosting company has far more resources dedicated to preventing attacks than you do.

  2. Remove all unessential services and applications from your servers. This minimizes the likelihood that, when a new security hole is discovered, a hacker will be able to exploit it because you simply forgot you were running that service.

  3. Make sure all your systems are automatically updated with all the latest patches. Minimizing the server's applications also makes it easier to maintain, since you can focus on ensuring that patches are current on all the services it does provide.

  4. Never keep the manufacturer's default security settings. The hackers know these holes better than you do, so don't make it easy for them.

Fortunately, once you've implemented these steps, and unless you are a high-profile hacker target, you can prevent the vast majority of security breaches and Web-site defacements.

-- Beth Cohen

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2 of 3
Comment  | 
Print  | 
More Insights
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
10 Top Cloud Computing Startups
Cynthia Harvey, Freelance Journalist, InformationWeek,  8/3/2020
Adding Fuel to the MSP vs. In-house IT Debate
Andrew Froehlich, President & Lead Network Architect, West Gate Networks,  8/6/2020
How Enterprises Can Adopt Video Game Cloud Strategy
Joao-Pierre S. Ruth, Senior Writer,  7/28/2020
Register for InformationWeek Newsletters
Current Issue
Enterprise Automation: Do More with Less
In this IT Trend Report, we highlight the benefits of automation and the various tools as enterprises navigate turbulent times, try to do more with less, keep their operations running, and stay on track with digital modernizations.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll