OGC

[Ranger01]

[bstrawse]

As for the Safety and Security Director resigning because he was ignored by people about not running AV software (let alone current AV software) on their system, yes, he was smart to do so. I would too. I wonder if their POS is PCI-DSS compliant, if not, that's a huge problem on many levels, but those problems aren't his anymore, so good for him.

Ignorance is forgivable, but stupidity is not.

The software being used is PCI-DSS compliant - but PCI also covers, as you know I think, the network, physical access to machines, storage, record keeping, and so on... I'm responsible for some aspects of PCI compliance at work :/
b

[bstrawse]

server cost went to 4k

Another point........last safety and security director resigned in part due to being concerned and ignored about running the POS system online with no anti virus installed.

4k? Man.......

I have a Dell PowerEdge 2650 running Debian with 8GB ECC RAM and 5 x 143GB 15,000 rpm SCSI HDDs setup in a RAID 5 configuration in my home server room and it didn't cost me anywhere near $4k - and I'd be it'd be MORE than enough server for whatever OGC needs. It cost me $250 for the hardware, the OS was free, my time (if I were to bill it out for a customer) is $100 an hour, and there's no way my investment was anywhere close to $4,000 to set it up.

I'm truly curious...what are the specs on their server, what's its' purpose, what software does it run, etc?

As for the Safety and Security Director resigning because he was ignored by people about not running AV software (let alone current AV software) on their system, yes, he was smart to do so. I would too. I wonder if their POS is PCI-DSS compliant, if not, that's a huge problem on many levels, but those problems aren't his anymore, so good for him.

Ignorance is forgivable, but stupidity is not.

I believe the server is related to the network at the club - not for the website, but I could be mistaken.

I host multiple websites, including the one with the nude pics of ttousi, on a $100/month server -- lots of different ways to skin that one...
b

[ttousi]

POS is the system that has been in place for several years and works fine...........Intuit Quickbooks for program. Master is Reg 1 slave is Reg 2. IT couldn't get them to communicate so they dumped the Norton.

[XDM45]

IIRC, the old POS was on a system which was very old. So old that the guy who wrote it, the only guy who could update it ... died ...

Legacy software and hardware = never a good thing.

As for the Safety and Security Director resigning because he was ignored by people about not running AV software (let alone current AV software) on their system, yes, he was smart to do so. I would too. I wonder if their POS is PCI-DSS compliant, if not, that's a huge problem on many levels, but those problems aren't his anymore, so good for him.

Ignorance is forgivable, but stupidity is not.

The software being used is PCI-DSS compliant - but PCI also covers, as you know I think, the network, physical access to machines, storage, record keeping, and so on... I'm responsible for some aspects of PCI compliance at work :/
b

Exactly. It must be secure and compliant on all levels in all areas.

I believe the server is related to the network at the club - not for the website, but I could be mistaken.

File server maybe? A DC running AD?? What exactly do they need that could warrant the cost of Still...$4,000???

POS is the system that has been in place for several years and works fine...........Intuit Quickbooks for program. Master is Reg 1 slave is Reg 2. IT couldn't get them to communicate so they dumped the Norton.

Norton, Trend Micro (formerly PC-illin), McAfee = junk. Best AV I've found is 1) Eset NOD32 2) Kapersky 3) AVG

I agree with IT for dumping Norton, but if I had an IT Department/Staff/Company which left a Windows-based PC without AV software on it -- especially one which is doing financial transactions and needs to be in compliance with PCI-DSS, I'd dump that IT for one that can actually fix the issue.

As in many areas of life and work, there are varying degrees of skill and people in the IT field...some good, some bad, some very much so either way, but troubleshooting is Basic 101 and if they can't do that and properly solve an issue that simple, fire them.

[plblark]

The other issue is that they're all volunteers and they're FAR past the normal member level time commitment. Heck, by March with just board and member meetings alone and NO outside special meetings or work they'd be past normal member time commitment.

[rugersol]

fire them.

... or at least, cut their pay!

I usually pry Norton off any machine I get ... preemptively!

[ttousi]

The other issue is that they're all volunteers and they're FAR past the normal member level time commitment. Heck, by March with just board and member meetings alone and NO outside special meetings or work they'd be past normal member time commitment.

IMHO......... IT work should be subbed out so it's done right and in a timely manner.....FWIW

[bstrawse]

Details for a small business (OGC would fall under this category) for securing computers and systems that accept credit card information can be found at:

https://www.pcisecuritystandards.org/smb/

b

[XDM45]

The other issue is that they're all volunteers and they're FAR past the normal member level time commitment. Heck, by March with just board and member meetings alone and NO outside special meetings or work they'd be past normal member time commitment.

IMHO......... IT work should be subbed out so it's done right and in a timely manner.....FWIW

As long as it's not to an HB1 Visa Worker or someone in Mumbai, India, maybe. Subbing it out won't guarantee it's done correctly any more than an amateur attempting to do it themselves. the key isn't subbing it out, the key is having the right people do the right things in the right way. I've seen in-house bork a system just as easily as a 3rd party contractor / IT company.

Part of the problem will be, if you don't know what questions to ask, or what the right answers are, how can you find someone qualified to do the job? Well, true that. I can take a look at the system if you like. If you'd like my qualifications and references, contact me if you are someone who can make a decision for OGC. If you know someone who is really good in IT, but this job is too small for them, have them interview me and put on their b.s. detector. They won't have any hits from me on it.

[djfranta]

Any chance a summary of either town hall meeting will be posted for members unable to attend?

Maybe someone could record and post to the members section on the website?

I agree a summary of proposed bylaw changes would also be great.

[goalie]

Feels like we're trying to become another Minnetonka sportsmans club.

I was able to take a friend out to Minnetonka Sportsman's Club today at 11:30. Shooting starts at noon on Sunday. We picked the far right lane with the 25, 50 and 100 yard targets before anyone else showed up and were able to shoot 5 rifles, re-re-re-re-re-re-rechecking zeros and practicing with a .22 and be done in an hour.

The Sunday before deer opener.

The range wasn't even crowded.



Oh, wait, I get it, you meant that as a slam, not a compliment......

[bstrawse]

Did anyone go today? If so, a brief recap would be appreciated. Unfortunately, I was in NRA Shotgun Instructor class and couldn't make it...
b

[ttousi]

Seems the board members had more of the same directed their way

SS was there............calling the bridge troll

[samginko]

"I was able to take a friend out to Minnetonka Sportsman's Club today at 11:30. Shooting starts at noon on Sunday. We picked the far right lane with the 25, 50 and 100 yard targets before anyone else showed up and were able to shoot 5 rifles, re-re-re-re-re-re-rechecking zeros and practicing with a .22 and be done in an hour.

The Sunday before deer opener.

The range wasn't even crowded.



Oh, wait, I get it, you meant that as a slam, not a compliment......"





Minnetonka sounds good, what's the cost of membership? Because, I'm in!