How do you name a new server, export config data, or fix that one really annoying bug that keeps popping up every 2nd Thursday? Well, create a runbook!

For prepared IT professionals, that information is stored in a runbook. A runbook is a set of standardized documents, references and procedures that explain common recurring IT tasks. Instead of figuring out the same problem time and time again, you can refer to your runbook for an optimal way to get the work done. What’s more, you can also delegate tasks and onboard employees more effectively if you have documentation to train them with.

Whenever you do a task, think of this quote:

“Will you remember how to do these things 6 months from now? I find myself having to re-invent a process from scratch if I haven’t done it in a few months (or sometimes just a few days!). Not only do I reinvent the process, I repeat all my old mistakes and learn from them again. What a waste of time.” — Tom Limoncelli, The Operations Report Card

In short, the less time wasted figuring out how to do a task, the better it’ll be for your business efficiency, productivity, and sanity.

This post will look at:

• The 2 types of runbook
• How to create a runbook
• Running your IT processes with Process Street
• Transfer workflow information into Pages

First, let’s look at two example runbooks to give context on what I’m going to talk about.
Continue Reading

Readers, I’ll let you in on a little secret…

Between you and me, I was hacked; by my best friend no less! Thankfully, it was just an irritating prank, but it served to teach me a lesson.

Despite my grandiose beliefs that I knew everything I needed to know about all things digital, I hadn’t the faintest idea about how to spot a fraudulent message from a legitimate one. And this kind of threat is one of the biggest risks businesses face today.

In 2005, 157 data breaches were reported in the U.S., with 66.9 million records exposed. From 2005-2014 there was a 500% increase in data breach frequency.

That number almost doubled in 3 years to 1,579 reported breaches in 2017.

Although data breaches have since declined (1,506 issues were reported in 2019), IBM’s 2020 Data Breach report filed a 12% rise in data breach costs over 5 years, increasing to ~$3.92 million per incident.

The growing number of breaches and associated costs seems to be consequential of continuously changing hacking methods and an expanding number of entry points (that comes from digitization).

Security audits allow organizations to set up tougher walls of safety, as an adaptive defense against data breach threats.

With this in mind, Process Street created this article as your ultimate security audit guide, with access to our free security audit checklists and processes.

We’ll be covering:

• What are security audits?
• 4 security audit checklists for preventative risk management
• Security audit best practices
• Security processes for tighter security safety

Let’s get started!
Continue Reading

If you’re a Systems Administrator or performing any kind of IT managed service, your daily tasks are often repetitive, complicated, and easy to forget.

Especially if you’re new to the role, things can quickly become overwhelmingly difficult to track & execute effectively. New employees have a library of techniques specific to your setup to learn, and it’s almost impossible to manually track each task in a way that’s easily accessible.

That’s why IT managed service teams worldwide use Process Street to manage & automate their daily workflows, for processes like:

• Network & server security audits
• Reviewing audit logs
• Performing daily backups
• Penetration testing
• VPN configuration
• Firewall audits

In this Process Street article, we’ll show you some examples of how our customers manage their daily Systems Administrator & IT tasks.

You’ll learn everything from how to create workflows that adapt to your current situation to automatically assigning tasks to specific people based on their role in the team.
Continue Reading

IT security processes need to be place in order for a company to securely run their operations. But what does that really entail? We cover all this and more in our comprehensive look at what IT security processes look like in different departments and organizations.

Take a look:

• Privileged password management
• Network administrator’s daily tasks
• Network security audit workflow
• Firewall audit workflow
• VPN configuration
• Apache server setup
• Email server security
• Penetration testing
• Start protecting your operations today!

“Overall, [Process Street has] made a world of difference inside the organization. It’s really helped our quality and keeps our customers happy.” – David Schenz, Director

ERP Suites helps enterprise companies implement scalable IT solutions for secure data, improved response times, and application of industry knowledge & best practices.

The company began its very humble start in 2006 with a few guys in a basement with a vision. By 2017, ERP Suites had grown into an award-winning company known for its IT solutions and innovations.

Currently, they meet the needs of over 250 mid-size organizations within the US and abroad.
Continue Reading

The year is 2025. Over 465 exabytes of new data is generated each day. The global cybersecurity market is worth $241 billion. Your managed services provider is still using a process document dated March 2019, and you’re starting to regret not having gone with that ISO 27001 certified provider.

Hell, at this point you’re starting to think even an in-house ISMS (Information Security Management System) implementation would have been a better option.

But I’m getting ahead of myself; let’s return to the present. Is ISO 27001 all it’s cracked up to be? Whatever your stance on ISO, it’s undeniable that many companies see ISO 27001 as a badge of prestige, and using ISO 27001 to implement (and potentially certify) your ISMS may well be a good business decision for you.

In this article, we’ll take a look at the foremost standard for information security management – ISO 27001:2013, and investigate some best practices for implementing and auditing your own ISMS.

Here is a summary of what we’ll cover in this Process Street article:

• ISO 27001: The basics & why standards are important
• Who needs ISO 27001?
• How to implement ISO 27001
• Free ISO 27001 checklist
• How to get ISO 27001 certified
• Integrating your ISMS with other ISO standards

If you just want the free checklist for implementing and auditing your ISMS, you can grab that here. Otherwise, read on!
Continue Reading

This is a guest post by Jack Warner. Jack is an accomplished cybersecurity expert with years of experience under his belt at TechWarn, a trusted digital agency to world-class cybersecurity companies. A passionate digital safety advocate himself, Jack frequently contributes to tech blogs and digital media sharing expert insights on topics such as whistleblowing and cybersecurity tools.

Why did you choose the browser you’re currently using?

If your answer is along the lines of “because everyone uses it“, you might want to rethink your choice.

Unfortunately, popularity is not inextricably linked to security. And in a world where cybercrime is ever more prevalent, privacy should be your utmost concern when you’re choosing a browser to surf the web. By 2021, online miscreants are expected to cause a whopping 6 billion dollars in damages. From a business perspective, you have no good reason to shoulder the risk that comes with a lack of sufficient browser security.

In this guest post for Process Street, I’ll discuss how different browsers fare at preserving your privacy and maintaining security, on top of providing ten tips to stop you and your team from falling victim to data breaches.

Read through the following sections to get clued up:

• Web browser security: What are the most secure browsers?
• 10 tips to digitally secure your browser & business properly
• Take control of your IT and security processes with Process Street!

Let’s get started.

Continue Reading

Data-driven.

This short statement could be used to accurately summarize the way big business wants to function in today’s world.

It’s all about data; gathering it, processing it, analyzing it, and then leveraging insights to continuously improve business operations and customer experiences.

And yet, despite its importance, many companies are failing to do it very well.

Information Technology Infrastructure Library (ITIL) is a framework that enables organizations (mostly enterprises and government agencies) to efficiently perform this process of leveraging data.

Of course, this is a very simple, reductionist way of putting it. The framework is incredibly complicated, and how exactly it delivers such a powerful service is not easily understood.

Here is a more comprehensive definition:

“ITIL, or Information Technology Infrastructure Library, is a well-known set of IT best practices designed to assist businesses in aligning their IT services with customer and business needs. Services include IT related assets, accessibility, and resources that deliver value and benefits to customers. ITIL framework objectives include the delivery of valuable service offerings, as well as meeting customer needs, and achieving business goals of a given organization. Despite the individuality of each organization, ITIL provides guidelines for achieving these objectives and measuring success with KPIs.” – Jarod Greene, The Essential Guide to ITIL Framework and Processes

Thankfully, this vast framework can be simplified and broken down into 5 core stages, illustrated in the graphic below.

These categories make up the ITIL Service Lifecycle, which we here at Process Street have written an extensive post about:

• The Secret to IT Service Management: The ITIL Service Lifecycle

I highly recommend reading this article if you would like to learn more about what exactly the ITIL service lifecycle is, how each stage relates to one another, and valuable information on how you can apply ITIL to your business.

The article you are reading could be considered a follow-up to the post linked above, as it provides you with 8 free ITIL processes in the form of practical checklists that you can integrate into your business right away.

Each of the 5 stages contains a certain number of standardized processes and functions. Processes make up the majority and are the focus of this post.

Continue Reading

What do Sony Ericsson, the UK Passport Agency, MT Gox, and Knights Capital all have in common?

They’ve all suffered massive financial and reputational losses following the mismanagement, or non-existent management, of their new and existing IT services.

• Major mobile phone operator, Sony Ericsson failed to renew one of their certificates and left 32-million people unable to use their mobile phones for a WHOLE DAY.
• The UK Passport Agency failed to test its new computer system and left half a million British people without a passport in the UK.
• Japanese bitcoin exchange, Mt. Gox, failed to spot several weaknesses in their software systems which enabled hackers to STEAL over 850,000 bitcoins.
• Knight Capital Group, one of America’s largest traders, failed to spot a major bug in their trading software which cost them $440 million.

What could they have done to avoid these embarrassing, not to mention financially crippling, technical disasters?

Implemented an IT service management system, like the ITIL Service Lifecycle.

Which, coincidentally, is what this post is all about.

By the time you’ve finished reading this Process Street article, you will have answers to the following questions:

• What is the ITIL Service Lifecycle?
• What are the 5 stages of the ITIL Service Lifecycle?
• How does Disney use the ITIL Service Lifecycle?
• How do I use the ITIL Service Lifecycle in my business?

Ready? Let’s make a start…

Continue Reading

In today’s business environment where managed services are constantly being outsourced, creating a concise, official document outlining the terms of an agreement between the client and service provider is critical to setting the foundations for a trustworthy and ultimately fruitful relationship.

“Service-level agreements, amongst other things, bolster trust in and between organizations – making it clear what needs to be done, to what standard, and when.” – Adam Henshall, What is an SLA? How to Use Service-Level Agreements for Success

It’s simply an essential component that requires care and attention.

As you may well have already noticed and perhaps even put to good use, Process Street has been creating some excellent content for those of you looking to create first-class service level agreement’s in quick and easy fashion.

For a comprehensive introduction into what an SLA is, exactly what one consists of and why you need them, have a read through the following article:

• What is an SLA? How to Use Service-Level Agreements for Success

If you are already familiar with the fundamentals of SLAs and are looking for guidance on how to create and edit one for your organization, you’ll find this post useful:

• Service Level Agreement Template: How to Create Solid SLAs at Super Speed

Bear in mind that the article referenced above also contains a free, easy-to-use Process Street template from which you can create as many service level agreements as you like.

And that’s what this post is all about – providing free, easy-to-use examples in the form of practical templates.

Continue Reading