Help We Just Fired Our Only IT Person!

You are sitting at your desk when the call comes in from a business acquaintance asking for help because they just fired their only IT person 'for very good cause'. As you ask questions you realize that your acquaintance has a real problem. You find out that there is no documentation no knowledge of passwords critical applications are exposed to the Internet users are unhappy and they don't know where to start. Your business has provide services to them before and writing a new contract is not an issue. How do you start? Once onsite you try to get a snapshot of the situation at a high level. Sit down with the contact and work through the issues to get a deeper understanding of the hot buttons. Look for their immediate exposures develop an understanding of the corporate culture map out a plan of attack and start securing the infrastructure. Some things should be obvious like changing passwords. Others are a little more obscure like finding hidden remote access servers. You will uncover many other problems as you go so keep your eyes open. Some will need immediate attention and others will take longer. This study covers about 18 months of activity at the pace that could be absorbed by the organization. It is not meant to be universal solution but lessons taken from a real event.