Technology-and-System-Plan-111913

Technology and System Plan
Purpose: Youth for Change relies on the use of technology and electronic information to conduct
its everyday business. As such, it is essential that the organization have procedures that ensure
information technology is secured and regularly backed up. It is further necessary that potential
threats be minimized in a way that limits system access and interruption as much as possible. When
it comes to information gathering and reporting, Youth for Change is at a critical point in its history.
It’s key that we develop a solid plan to deploy new technology and information to our staff. This
involves the development of new tools and techniques as well as the training to utilize them. This
document is designed to document our technology infrastructure and to facilitate our future goals.
Management Information Infrastructure: Youth for Change’s technology footprint is
distributed across 14 (? Not sure about this number) sites throughout Northern California.
Connectivity between our staff is maintained through a web-centric electronic records system
called ALICE and Microsoft Exchange. All of the sites have computers and are connected to the
Internet. Three of the sites have servers. We are in the process of eliminating the server at the 7200
facility as we move the information contained in it to the ALICE server for greater availability.
Youth for Change will only be operating servers from Rio Lindo and the Administration building
when the migration is complete.
Microsoft Security Essentials Antivirus protects all of the machines used by our users. We have
adopted a policy that tries to mitigate the importance of individual computers by concentrating our
users’ resources in Microsoft Exchange and the ALICE system. Most client machines are
configured to reset themselves to a clean image of Windows that has been preconfigured to meet
the needs of our users after each reboot. The preconfigured computers come with Microsoft Office
and Google Chrome which are required to access documents used by Youth for Change and
ALICE.
Some client computers are set up to meet the needs of individual users. These machines are not
configured to reload themselves after each reboot. This is done where the user has need for specific
applications that cannot be easily reloaded. Examples include staff in our administrative office and
graphic design people. The administrative people require specialized accounting applications and
the graphics design people require tools like Adobe Creative Suite.
The administrative office has two Windows 2003 servers that host files and the company’s
Blackbaud accounting software. The administrative office employs a Windows Active Directory to
connect all of the computers in the building. The Active Directory server also acts as a file server
for people at the administration site.
A Barracuda SPAM and virus firewall protects the Microsoft Exchange mail server located at Rio
Lindo. The Barracuda is used to scan incoming and outgoing email to protect from external threats
and possible internal issues. The Barracuda also provides virus-filtering software that runs on the
Exchange server to filter the mail store as it is accessed in real time. Youth for Change scans both
incoming and outgoing mail to prevent client computers from being infected with malware that
might send messages out, resulting in Youth for Change being blacklisted.
The Youth for Change web server is operated at the Rio Lindo facility. It runs on an Ubuntu Linux
server. The web server is implemented using WordPress. The primary purpose of the web server
is to present information to the public but it also gathers some information that is manually
processed by Youth for Change staff and integrated in the ALICE server.
There is an application called Orca used to register members of the public for trainings conducted by
Strategies. The Orca server operates on the same machine with the Youth for Change web site.
The Youth for Change web site and Orca application both run on the same server but they are
isolated from each other. Orca was developed using a modified version of WordPress and a
licensed plug-in called Event Espresso. The Orca server also provides a staff activity-tracking
application for Strategies team members.
Youth for Change is a highly distributed company that is dependent on the web and reliable Internet
service to facilitate communication between our sites and staff. We have developed a document
management system known as ALICE to unify all of our facilities. ALICE provides a centralized
location to deploy the different services required by our staff in a highly customizable way. This
couples with our web-based email services to ensure that our staff can access all the information
they need to do their job from anyplace they are.
ALICE is designed to be secure. It will only allow users to connect to the server through a secure
HTTPS connection. All user interaction with the server is logged to ensure we can audit it later. The
data in the ALICE server is compartmentalized. The most important and sensitive information in
ALICE is our client database. The database tracks everything from billing to assessment data
related to our clients. ALICE enforces a strict policy that says users have access to nothing in the
database unless specifically granted permission to that information. The ability to grant access to
information is limited to staff in our administrative and medical records departments. When users
leave the company our human resources department disables their account resulting in their
immediate loss of access to all information in ALICE.
Prior to ALICE we were dependent on Microsoft remote desktop protocol to access computers
located at different facilities. This presented issues in certain environments with highly restrictive
firewalls or for users with limited devices like smart phones. In the remote desktop era users
maintained client information using Microsoft Excel and Word documents. The exchange of these
documents sometimes proved difficult between facilities and there was redundant information
maintained by different users.
ALICE is being deployed to provide one centralized location for information. The goal is to ensure
that information Youth for Change has can be accessed by the appropriate staff wherever it is needed.
To this end we are refocusing our users and training them to access company resources through the
web, and services like remote desktop are becoming less relevant and being slowly phased out.
ALICE has many documents built into it like billing logs, client plans, client-assessments and
client outcomes gathering tools. The documents built into ALICE enforce proper entry of
information through a process called validation. The goal is to use ALICE to improve not only the
accessibility of client information to authorized staff but also the integrity of the data gathered.
The process of creating validated documents allows Youth for Change the ability to codify its
business processes and logic using software in a way that not only enforces proper data entry but
also records and clarifies the business processes.
ALICE has been developed to establish a workflow model. The idea is to coordinate our staff and
client database in a way that creates a feedback loop. When staff log into ALICE they are
presented information gathered from various parts of Youth for Change on their Dashboard. The
Dashboard is the first screen that staff members see upon logging into ALICE. Some of the
information contains current statistics about how the staff member and company as a whole are
performing. Other information prompts the user to take action. For example, if a client assigned to
a staff member is missing a document the staff member may be prompted to collect it. Once the
document has been entered into ALICE the prompt will disappear. If a staff member collects a
document late their manager may be notified.
The IS department uses a ticketing system built into ALICE to track staff issues and other
technology projects. Users can create new tickets through ALICE. When a ticket is created IS
staff are notified. There is a ticket coordinator that reviews the ticket and assigns it to the best
member of the team to handle the issue. The tickets can track information such as the inventory
items that are involved in the situation, the staff that made the request, the staff the ticket is
assigned to and comments related to handling the ticket. It is possible for managers to run reports
on the ticket database to isolate things like the history of troubles related to a specific machine or
staff member.
Inventory is managed through ALICE. The inventory database is designed to complement the
ALICE ticketing system. A reviewer can view any inventory item and see all help tickets that have
ever been associated with it and by proxy all of the staff or other resources expended on it. The
inventory database tracks many attributes about each item like serial numbers, photographs and
locations of the item. The location information allows Youth for Change to associate inventory
items with specific places on 2D maps of Youth for Change’s sites. This makes it possible for a
reviewer to display a 2D map of any of our sites and see the exact physical location of all the
devices there. The user can then click on the device and view all the details about it as well as
pictures of it. ALICE makes it easy to track inventory and review when the last time a resource
was seen.
The ALICE medical records server is run from the Rio Lindo facility on a dedicated server.
Wi-Fi is an important part of our distributed agency’s infrastructure. All Youth for Change
facilities provide Wi-Fi access to the Internet. A WPA2 key is used to limit public access to the
Internet but we have determined that the Wi-Fi interfaces are not adequately protected.
Plans are being developed to update Wi-Fi access points and create two networks at all sites. One
highly secured network with full access to the facility but restricted to specific users and another
more open network with limited Internet only capabilities. The highly restricted network would
control access through an authentication system tied to ALICE accounts and each user would have
a different password. The less restricted network would use a common password for all people
accessing the network and greatly restrict user bandwidth and access to resources.
Backup Policy: There are servers located at three sites. All of the servers are virtualized with
VMware ESXi and backups are conducted of each virtual machine on an incremental basis. The
backups are made to hard drives attached to each of the servers through a SATA port. The backup
drives themselves are swapped once a week and the swapped drive is taken off site to protect
against issues that may happen to the facility. The off-site backups are tested periodically by
loading the virtual machines on a test machine to ensure they are working correctly. We use a
records management system called ALICE for collecting our information and making it available
to the staff. ALICE has a web-based tool called File Cabinet and most of our staff upload their
files to that. ALICE runs on one of the virtualized servers that is archived every night and this
ensures that our staff information is protected against loss or damage when they roam between our
sites. While most of our information is archived through ALICE or maintained directly on one of
our servers, some users are tasked with backing up their own data due to the extreme size of their
information and limitations with transporting it through the Internet. These user backups are all
conducted with an open source tool called FreeFileSync. FreeFileSync accurately ensures that data
on the user’s computer is in alignment with data on an external backup drive.
Computer Operating Systems: Youth for Change uses a variety of operating systems to meet the
needs of our users. Most of the client computers are currently running Windows 7 but there are
still a few machines running Windows XP. We have been replacing the Windows XP machines as
users discover issues with them and the goal is to eliminate them by 2014. Our mail server runs
Microsoft Windows 2008 server. Our administrative building utilizes two Windows 2003 servers
as a file server and host for the company’s Blackbaud accounting software. Our web servers and
ALICE run on Ubuntu Linux. All of our servers operate as virtual machines hosted on VMware
ESXi servers.
General Applications: Youth for Change uses Microsoft Office for its general business
applications, including word processing, spreadsheets, presentations, and databases. The IS
department provides periodic trainings to help staff utilize these tools. We track the training each
of our staff has received.
Specialized Applications: Youth for Change administrative staff utilize Blackbaud accounting
software to do payroll and bookkeeping. Some members of our staff use Adobe Creative Suite to
create presentations and graphics. We also utilize an internal medical records system called ALICE
described in depth throughout this document.
Connectivity and Communication: All management and clinical staff have access to computers
and the Internet. This includes access to a web-enabled computer email system and the ALICE document
management server. Users can also access their email directly from a smart phone or Microsoft
Outlook. The technology resources provided are to be used for agency business only. In addition,
Youth for Change promotes effective and efficient communication via telephone, hard line and
cell. These phones are to be used for agency business only.
Policies on Usages of Agency Equipment and IT resources: Youth for Change equipment,
including computer hardware and software, are valuable assets. They must be used for Youth for
Change business only. Staff may not copy or use The Youth for Change purchased/leased software
contrary to the interests of the organization or for purposes other than the business reason for the
purchase or lease. Employees may not use e-mail for personal, nonbusiness-related use.
Youth for Change may access any staff computer, e-mail information files, or voice mail to better
serve the needs of the agency or to make certain that they are being used properly and in
compliance with this policy. Email and voice mail, like all computer data, are considered company files
and not the property of any individual.
Youth for Change employs a proprietary document management system called ALICE. The
ALICE software records detailed logs of all user interactions. Management can use these logs to
audit all user activity and access to company information.
* No agency property, including computers, may be used for unlawful purposes; or to offend,
harass, abuse, or otherwise communicate offensive, unlawful, or inappropriate messages or
messages in violation of the Youth for Change policy prohibiting harassment, including sexual
harassment. Nor may they be used to access material unrelated to the performance of the business
of the agency. Employees should be aware that emails and voice mail messages could be retrieved
and even subpoenaed for litigation and compliance investigations. Stored information including
email and voice mail messages may not be deleted or destroyed if the subject of or relevant to a
claim of litigation.
* Violation of this policy will subject the employee to discipline.
Security, Privacy and Confidentiality: Computer and email security: All staff with access to
client, financial or any other agency related information are expected to treat the information with
the highest level of confidentiality. Employees with electronic access to the information are
assigned passwords and are expected to treat them with extreme care. If any password is lost or is
suspected of being compromised, the user is required to inform their supervisors immediately.
Many of our records are available through the ALICE document management system. Users are
expected to access the system in an environment that will not compromise sensitive information.
Users are not to export or attempt to access information they are not specifically authorized to see.
If a user suspects they have access to information that should be restricted they are expected to
report it to their supervisor immediately for correction.
The ALICE server has been configured to not allow connections from computers located outside
of California. This is designed as an added security measure. Youth for Change assumes that only
people located in California should have access to our resources and this helps to limit potential
trespassers.
Staff Training: Employees that are required to utilize specialized company applications like
billing systems, company email or the ALICE document management system are trained upon hire
and are periodically retrained on them as the necessity arises. The agency allows users to view and
register for available internal trainings at any time in ALICE. The agency also tracks all employee
training and certifications through the ALICE staff management interface. We periodically pull
reports to isolate employees that require training or training updates.
Assistive Technology: Youth for Change is committed to providing appropriate assistive
technology to those in need of such. An “assistive technology device” refers to any item, piece of
equipment, or product system, whether acquired commercially off the shelf, modified, or
customized, that is used to increase, maintain, or improve functional capabilities of individuals
with disabilities. The need for assistive technology must be determined on a case-by-case basis. If
a need is identified that a particular assistive technology item is required and will deliver a
reasonable benefit, the technology will be provided to implement into the programs.
Technology and System Plan Goals
1. Goal: Centralize and standardize file storage around ALICE File Cabinet.
Strategy/Objective: Currently we store company electronic documents using different
strategies at each of our locations. A great deal of the information we store is left to individual
staff to manage. This can create gaps in the availability of our company documents and
situations where data could be lost due to poor backup management. Several of our sites have
small file servers that contain information that should be centralized to make management and
backup easier. The 7200 server is an example of such a server.
The goal is to migrate the documents in the Exchange public folders and on these small file
servers to the ALICE File Cabinet.
Responsible Person: IS Director, Administrative Analyst/Webmaster, IT Support
Target Date: 6/1/2014
Update: waiting for new ALICE update on 10/10/13.
2. Goal: Continue Development of ALICE Electronic Medical records.
Strategy/Objective: Migrate more existing paper client forms into ALICE. Begin deployment
of electronic signatures and tools to help reduce the use of paper and make company
information highly available to authorized staff. Migrating more information into ALICE will
allow for more accurate gathering of client data and for the ALICE workflow to be made more
accurate.
Responsibility: IS Team, Medical Records Office Manager
Target Date: 1/1/2015 and ongoing.
Update: waiting for new ALICE update on 10/10/13.
3. Goal: Integrate electronic prescription management into ALICE.
Strategy/Objective: Work with MD Toolbox to integrate prescription management into the
ALICE client database. The result will be electronic deployment of prescriptions and
prescription renewals.
Responsibility: IS Director, Medical Support Program Manager
Update: awaiting meeting with MD Toolbox technical support staff.
4. Goal: Deploy Comcast business class Internet to all sites.
Strategy/Objective: Improve reliability and speed of Internet services at all of our sites. This
is critical to making the web-based architecture we are moving toward work for Youth for
Change. The reliable use of ALICE is highly dependent on this.
Responsible Person: IS Director, Chief Operations Officer
Target Date: 1/1/2014
Update: several sites have been updated. We’re working with Comcast to complete the rest
of the rollout.
5. Goal: Establish new server room at Rio Lindo facility.
Strategy/Objective: This is critical to the deployment of ALICE. The new server room
includes an updated battery backup and power management system and improved interfaces
to swap backup drives. Updates will be made to the VMware host server to allow for
real-time backups of running servers. Currently servers need to be brought offline to do nightly
backups. This makes them unavailable for up to two hours. After VMware is updated the
servers will only have to go offline for hardware maintenance, which rarely happens.
Responsible Person: IS Director
Target Date: 11/1/13
Update: server room is in the process of being cleaned up. New server is prepared and ready
for deployment.
6. Goal: configure most user computers to reset to clean OS image after each reboot.
Strategy/Objective: most of our users do not need to store information on their computers.
These users will be migrated to machines that reset after each reboot. This will help to ensure
that people don’t leave information on machines that can be lost. It will force users to use
ALICE to back up all their documents. It also prevents the spread of viruses and other
malware, helping to improve our network security and the reliability of the users’ computers.
Responsible Person: IS Director, IT Support
Target Date: 6/1/2014
7. Goal: improve Wi-Fi access and security.
Strategy/Objective: Wi-Fi networks need to be configured to limit access of outside parties
to our networks. The new system will only allow unrestricted access to users that have been
authorized using their valid ALICE login. All other parties will have access to a less secure,
restricted Wi-Fi zone. This will be achieved by deploying a modified version of OpenWRT to
each of our sites.
Responsible Person: IS Director
Target Date: 6/1/2014