Get the most from Notes®

Category Agents
In an effort to provide solutions to Notes organizations who are attempting to gain control of their Notes infrastructures, we at Teamstudio have been investigating areas where Notes Administrators have stated that they have been experiencing the most frustration in getting the proper data to make critical environment control decisions. One of these areas is agents.

My first question is what exactly are the administrators looking for in and agent analysis? Is it enough to get an inventory of the agents that are deployed across the enterprise or do they also require an analysis of the settings on each agent or maybe the collection of data from each agents log?

(read more)

Posted by Mike Wetherbee At 5:18 PM | Location Beverly, MA USA | Permalink | Comments (0) |      

Category Lotusphere
So I came out of the opening session with that usual feeling of exuberance. Was it the exciting rock and roll band mixing with the symphony orchestra? Was it the way Bob Costas professionally linked the need for sportscasters to our jobs of being able to give our Lotus end users timely information in the right context at the right time for them to do jobs. Or could it have been that a majority of the visual displays and logos had the familiar Lotus yellow and black and only one had the irritating Websphere purple and black unlike 5 years ago.

It could have been the way Mike Rhodin paraded out his crack staff of product managers to show all of the new features of the plethora of collaboration offerings Lotus now has. Or the way he introduced the new Mashups designed to give end users the ability to create their own workspace for their needs or the Foundations and Bluehouse offerings designed to bring the small business into the IBM fold.

Whatever it was, for me it was exuberance. Did I drink the Kool-Aid?

With my exuberance neatly tucked into my Yellow Lotusphere 2008 back pack I headed for the vendor showcase looking forward to a day of discussing with my clients the vision, drinking more Kool-Aid and sharing with them some of my exuberance. Unfortunate, My exuberance did not last due to the fact that I realized my clients are more worried about Lotus nuts and bolts issues like server monitoring and ACLs compliance and reducing footprints and stepping on each others development toes and cannot even fathom the dream of a collaboration environment on the scale of what was displayed and received with such exuberance.

Posted by Mike Wetherbee At 2:04 PM | Location Orlando, FL USA | Permalink | Comments (0) |      

Category ACLs Notes Security
This is the second of a seven part series of posts about ACL compliance. Click here to read the first post.

Establish ACL Standards
Establish ACL Control Process
Establish Management Process For ACL Change Requests
Audit and Benchmark Current ACL Landscape
Correct Non-Standard ACL Issues
Monitor and Record ACL Changes
Immediately Remediate All New Non-Standard ACL Issues

What is a Control Process
A control process is a series of documented steps for:

• Monitoring changes to ACLs
• Auditing changes to ACLs
• Managing changes to the ACLs

Documentation must identify which tools must be used, who is responsible for the process, how reports are created and remediation steps should a problem be identified.

Why it’s important Without a documented control process administrators will invent their own methods for auditing and controlling ACLs and each method will be distinctly different. This could again lead to uncontrolled standards compliance.

Standards don’t work without control Without process control, documentation and training, implementing and maintaining standards for ACLs will not work.

Document, document, document Everything must be written down and understood by everyone. Checks must be in place to ensure consistency.

Posted by Mike Wetherbee At 9:29 AM | Location Beverly, MA | Permalink | Comments (0) |      

Category ACLs Notes Security
Traditionally, Domino developers have been able to create applications at will, using a rapid application development (RAD) approach with no hard and fast rules for controlling the applications once they were put onto the production servers. This, coupled with the fact that over time development teams grow and change, application growth has gone unchecked.

By the way this is not a theory, I have been witness to this exponential growth in many of the organizations I have visited. That being said it is not a logical stretch to make the assumption that if application growth is going unchecked, ACL settings must also be in a form of disarray.

To help you better manage your ACLs, I’ve come up with 7 steps for ACL compliance. Actually, they are more than just steps, but a plan to be executed in a specific order and in a timely manner. (more)

Posted by Mike Wetherbee At 2:02 PM | Location Beverly, MA USA | Permalink | Comments (8) |      

Category Notes Security ACLs
Due to the lack of true enterprise monitoring and control, the ACL, once thought of as the last bastion of security in Lotus Notes, is potentially the most susceptible layer of security in Notes.

The idea behind a ring defense or depth defense for security purposes in the IT world is to present a series of layers in security that are incrementally more difficult to break through due to the variety and robustness of each layer. The first layers should be designed in way that would alert a proper party when an attempted breach occurs. This will provide the security team the time to assess the breach and adjust the internal rings according to the type of breach that occurred. The last layer or closest layer to your data should logically be the most robust and flexible layer for the dual purpose of keeping potential holes in security from happening as well as if they happen providing the flexibility to make adjustments quickly to close holes that did occur.

Lotus Notes uses a depth or ring security model where OS and server security makes up the outer layers and the ACL makes up the inner layer of a security defense that protects data stored in a Notes database.

In the past couple of years I have seen many Notes environments that suffer from increased application proliferation and consequently an overwhelming lack of control. The corollary I am attempting to make here is that if the application proliferation is out of control how far behind can the ACL settings in each application be. When asked, most Notes administrators will say that they feel that their ACLs are under control. With a little pressure to take a quick look at some of the applications they will soon admit to having no idea how most of the applications' ACLs are set. Does this sound familiar to you?

Posted by Mike Wetherbee At 10:35 AM | Location Beverly, MA USA | Permalink | Comments (1) |      

Category Application Development Build Process
I've been exposed to a variety of Notes environments. Like John Coolidge (see his recent post Application development in production anyone?), I have also seen everything from single tiered environments--yes development in production--to severely tiered environments, which in my opinion is anything above four. In most of the multi-tiered environments there is typically a user centric testing environment. It is this tier, in most Notes shops, that development teams appear to have issues managing. The following are some examples of the issues I've encountered:

• How do we manage mail send functions in the UAT environment so that I am not mailing everyone in the company?
• How do I get the users to stop using the test database after the design changes have been moved to production?
• How do I get the test data into the production environment after testing is complete?
• How do I get users to test?

And, here are some examples of some solutions I have seen to some of these issues:

• Set the router on the test server to route to itself and only to one mail file then set up a view in that mail file that shows mail by user so each tester can go look at the mail pertinent to them.
• Set up a splash page in the database so that when it is on the test server it launches a page that says "THIS IS A TEST DATABASE". When in production it launches normally.
• Make the test database a replica of production.
• Refuse to move any new enhancements into their production databases until the users have tested old enhancements that are currently untested in the UAT environment.

As I stated above, these are some of the examples of issues and solutions. If I were to record all of the issues and potential solutions in this entry, you'd be really bored ;). So with this in mind I am moving forward with an effort to create some general guidelines for setting up a usable test environment with all of the feedback I currently have and any future feedback I will collect from my on site visits as well as any feedback I receive from this vehicle, so bring it on!

Hopefully, we can produce something somewhat valuable for the Notes development community. I'll keep you posted.

Posted by Mike Wetherbee At 4:35 PM | Location Beverly, MA USA | Permalink | Comments (6) |