funsec mailing list archives
Probably way off topic...
From: Jon Kibler <Jon.Kibler () aset com>
Date: Sat, 01 Nov 2008 11:38:57 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I have a client that is trying to justify hiring a network/security person for their IT staff. Senior management already thinks they are overstaffed. Here is a rough outline of their environment: Company size: ~200 Number of locations: 12 across 8 states Number of "full time" computer users: ~150 ~100 sales (wholesale / distribution) ~15 management / executive / HR ~15 clerical / administrative / purchasing ~15 accounting / finance / payroll 4 IT The I.T. Department is responsible for: All computers: ~130 Desktops ~60 Laptops ~25 Servers All communications and networks: 9 Telecoms (voice, cell) 8 ISPs (Internet, WAN) 12 PBXes w/ ~180 handsets ~90 Cellphones and laptop cell Internet 16 VoIP Gateways ~30 Routers ~16 Network Firewalls ~60 Switches 14 Port Servers 12 IDS sensors All software and services: Windows XP Windows 2003 Server RHEL 5.x Cisco IOS/AOS ERP Suite Web Sites (1 external, 2 internal) Email / Email Filtering EDI IDS Event Correlation Management System AV/Host Firewall/NAC Suite Web Content Filtering ~20 outside service providers Patch Management etc. Miscellaneous: ~200 RFID and/or bar code scanners (ERP integrated) ~20 timeclocks ~40 network printers ~120 desktop printers All I.T. related purchases, installation, configuration, maintenance Physical security systems Currently, their staff consists of: -- IT Manager / Jack of All Trades -- 1 ERP/EDI support person -- 1 Systems Admin who also does network admin and hardware support -- 1 Help Desk who also does web site, email, host based security, and teleco / PBX support The staff recently lost their primary hardware support person and a part-time administrative person when budgets were cut. Current staff is overworked, but pay for overtime has been eliminated. The IT manager asked me to help him put together some information to help support his push for more staff. I did some Googling, but did not find anything from the past couple of years that was of any real use. So, what I am asking is, do you have any information concerning IT staffing guidelines? Specifically: o What would be the size of a typical IT staff that would have to support the above resources? o Anyone aware of any studies/guidelines for IT staff size based on the number of "non casual" computer users in an organization? o Anyone aware of any studies/guidelines for what should be the IT budget based on either a percentage of revenue or a percentage of overhead budget? o What is the typical size of an organization before they staff a "dedicated" I.T. security person? TIA for any info! Jon K. - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-224-2494 s: 843-564-4224 http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkkMeBEACgkQUVxQRc85QlNkAwCeJT3WsUdbU853fvY+95TtsqIK /4YAn2Y5dNnSih3PaUOi8feNMcc4fKCJ =9VKh -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Probably way off topic... Jon Kibler (Nov 01)
- Re: Probably way off topic... Alex Eckelberry (Nov 01)
- Re: Probably way off topic... Drsolly (Nov 01)
- Re: Probably way off topic... Dave Dennis (Nov 02)