Md.

Zahidul Islam Zahid

Maintenance Engineer
Back Office, A&BD, Head Office
zahid.islam@bb.org.bd
End User & End ICT hardware

 The end user is the person who uses the software or

hardware after it has been fully developed, marketed,
and installed.
 In Bangladesh Bank, Major end ICT hardware are PC,
Laptop, IP Phone, Monitor, Keyboard, Mouse, Printer,
Scanner, UPS etc.
 The main Goal of end devices is to provide service to
end users.

22:19:12 2
ICT infrastructure
 Set of ICT components that are the foundation of an
IT service.
 Typically physical components (computer and
networking hardware and facilities), but also various
software and network components.
 The fields of IT management and IT service
management rely on IT infrastructure

22:19:12 3
ICT infrastructure (contd..)
 The ITIL(Information Technology Infrastructure
Library) framework was developed as a set of best
practices with regard to IT infrastructure.

 Includes computer hardware, servers, network

connectivity with accessories, data center plant,
storage system, security systems (CCTV, access
controls etc.), power solutions (UPS, IPS etc.) and all
necessary equipments.
22:19:12 4
ICT infrastructure (contd..)

Typical
ICT
Infrastructure

22:19:12 5
Hardware/ICT infrastructure Administration

Goal
 Ensure that computer systems and all related services
are working well.
 Ensure the effective use.
 Ensure the security (physical and logical).
 Optimal Utilization

22:19:12 6
Who we are…..here….

 IT Professionals  Business Professionals

 HO IT Departments  CSD-1
 HO Other than IT  SMD
Departments  IAD
 Branches  DBI
 A&BD
 Branches

22:19:12 7
Hardware/ICT infrastructure Administration (contd..)
Areas Covered:
 Procurement(CSD,A&BD,IT)
 Assets & Inventory(All, CSD, IT)
 Decommissioning (CSD, IT)
 Disposal mechanisms(CSD, IT)
 Authentication(CSD,IT,SMD)
 Maintenance(IT)
 Data- in- transit protection(IT)
 Data- at-rest protection(IT)
 Bring-your-own-device
policy(All, CSD,IT)
 Policies for BB
 Policies for Banks & FIs
22:19:12
 Technical specifications (CSD,IT)
 Mandatory and upgradable versions software
specifications(CSD, IT)
 Characteristics of storage encryption
technologies(IT)
 Storage encryption technology planning and
implementation (IT)
 Alternatives to encrypting storage on end user
devices(IT)
 Physical Security of End Devices(All, SMD)
 Accessibility by persons with disability(SMD)
 Audit & Compliance (IAD,DBI)
8
Procurement…….

Procurement Entity:
 As per ICT Hardware and Software Usage & Disposal
Policy CSD-1 of Head Office and all branch Office (small
scale & within limit) may perform ICT Procurement.
 ISDD of Head Office also perform ICT procurement
(Infrastructure, Network Devices, Br. Office Server room
related devices etc.)
 Besides under many projects performed by FSSSPD & other
departments of Head Office also procure ICT Assets.
22:19:12 9
Procurement…….

IT Asset Analysis for Procurement:

 Departments/branch offices will place demand for ICT
hardware & software through proper channel to CSD-1.
 CSD-1 will accumulate all the demands and place
before the Computer committee.
 Computer committee will review the demands and
forward to CSD-1 with proper justification/
recommendation for further necessary action
22:19:12 10
Procurement…….

IT Asset Procurement Method:

 Perform ICT procurement based on Bangladesh Bank
Procurement Rules (BBPR) 2004 & Public Procurement Act
2016 (amendment). Bangladesh Bank (Expenditure)
Regulations, 1977 (amendments up to October, 2003)
 Common Methods:
a. DPM (Direct Procurement Method)
b. RFQ (Request for Quotation)
c. LTM (Limited Tendering Method)
d. OTM (Open Tendering Method)
22:19:12 11
Procurement…….
IT Asset Procurement Process:
 Procurement processes are automated by SAP-MM Module.
 Therefore every ICT Asset has a unique SAP Asset No. Which is
important for Inventory management.
MM Module Procurement Procedure:
 Create Estimate / Create Purchase Requisition & Approve Purchase
Requisition by Designated Authority
 Create Request for Quotation & Generate Printout of Request for
Quotation
 Enter Quotations & Compare Quotations and Reject Vendors
22:19:12 12
Procurement…….

MM Module Procurement Procedure (Contd.):

 Create Purchase Order & Approve Purchase Order by

Designated Authority
 Generate Printout for Purchase Order
 Enter Goods Receipt / Enter Service Entry Sheet &
approve Service Entry Sheet by Designated Authority
 Park Invoice & Release Invoice
 Post Invoice
22:19:12 13
Procurement…….

MM Module Procurement Procedure (Contd.):

 Create Purchase Order & Approve Purchase Order by

Designated Authority
 Generate Printout for Purchase Order
 Enter Goods Receipt / Enter Service Entry Sheet &
approve Service Entry Sheet by Designated Authority
 Park Invoice & Release Invoice
 Post Invoice
22:19:12 14
Assets & Inventory…….
BB uses various types of ICT Assets:
• Software
• Hardware
• Infrastructure (DC, NDC, DR & Br. Office Server Room)
• Each of these types may categorized into sub class/type
• We will focus on End user devices

22:19:12 15
Assets & Inventory…….
IT Asset Distribution Process:
 CSD-1 of Head Office distribute as per demand from
Office/departments.
 Distribute laptops among the employees with index no./SAP ID.
 Laptops have to be distributed by name to the employees who have
05(five) years or more active service.

22:19:12 16
Assets & Inventory…….
IT Asset Inventory Management:
 CSD-1 maintains up-to-date inventory for all ICT hardware and software.
 The inventory of in-house developed software will also be maintained by ITOCD and
ISDD.
 Laptops have to be returned to CSD-1 in case of Lien/Deputation.
 Any employee nominated for study at home and abroad by Bangladesh Bank
will be allowed to possess his/her laptop.
 An employee goes on study leave for home and abroad arranged by
himself/herself must return the laptop to CSD-1.
 In case of dismissal or resignation or PRL employee must surrender laptop to
CSD-1.

22:19:12 17
Decommissioning…….

22:19:12 18
Decommissioning……..
বাাংলাদেশ ব্াাংক থেদক এবার তে্ চুরর
থ ালাম মওলা
প্রকারশত: ২২:৩৮, অদটাবর ১৫, ২০১৮ | সবদশষ
ব আপদেট: ২২:৪০, অদটাবর
১৫, ২০১৮

 বাাংলাদেশ ব্াাংদকর ররজার্ব থেদক ১০ থকাটট ১০ লাখ েলার চুররর থরশ না কাটদত আবারও ব্াাংকটটর তে্
চুররর ঘটনা ঘদটদে। এবার র্ুয়া আদবেদন সাড়া রেদয় থকন্দ্রীয় ব্াাংদকর কমকতব ব ারা প্রদয়াজনীয় তে্ তু দল
রেদয়দেন প্রতারক চদের হাদত। প্রতারক চেটট থকন্দ্রীয় ব্াাংদকর তে্ থপদত পররাষ্ট্র মন্ত্রণালয়দক হারতয়ার
রহদসদব ব্বহার কদরদে। রবষয়টট ধরা পড়দতই দ্রুত ব্বস্থা রনদত থকন্দ্রীয় ব্াাংদকর র্নরব ফজদল করবদরর
কাদে একটট রচটি পাটিদয়দেন পররাষ্ট্র সরচব থমা. শহীেুল হক। সাংরিষ্ট সূদে এই তে্ জানা থ দে।
 ত ৯ অদটাবর পররাষ্ট্র সরচদবর পািাদনা রচটিদত বলা হদয়দে, থকন্দ্রীয় ব্াাংদকর তে্ চুররর রবষদয় দ্রুত
ব্বস্থা রনদত র্নরদক
ব অনুদরাধ কদরদেন পররাষ্ট্রমন্ত্রী আবুল হাসান মাহমুে আলী। অবশ্ ফজদল করবর
থেদশর বাইদর োকায় রচটি পাওয়ার রেনই (১০ অদটাবর) দ্রুত ব্বস্থা রনদত সাংরিষ্ট রবর্াদ র কমকতব ব াদের
রনদেব শ রেদয়দেন থেপুটট র্নরব আহদমে জামাল।
 এ প্রসদে জানদত চাইদল বাাংলাদেশ ব্াাংদকর মুখপাে রসরাজুল ইসলাম বাাংলা টিরবেনদক বদলন, ‘এই
ধরদনর ঘটনার একটট রবষয় আরম শুদনরে।’ থকন্দ্রীয় ব্াাংক কী ব্বস্থা রনদয়দে—এমন প্রদের জবাদব রতরন
বদলন, ‘সাংরিষ্টদের সদে আদলাচনা কদর আ ামীকাল (মেলবার) জানাদত পারদবা।’
 জানা থ দে, ত থসদেম্বর মাদস পররাষ্ট্র মন্ত্রণালদয়র পররচালক (ইেএন বা জারতসাংঘ অনুরবর্া ) পররচয়
রেদয় জননক নারসর আহদমে থেদশর সব তফরসরল ব্াাংদকর পররচালনা পষদের ব থচয়ারম্ান ও ব্বস্থাপনা
পররচালদকর (এমরে) তারলকা থচদয় বাাংলাদেশ ব্াাংকদক রচটি পািায়। ওই রচটি পাওয়ার পর থকন্দ্রীয়
ব্াাংদকর কমকতবব ারা নারসর আহদমেদক তফরসরল ব্াাংদকর পররচালনা পষদের ব থচয়ারম্ান ও ব্বস্থাপনা
পররচালদকর তারলকা রেদয় থেন। বাাংলাদেশ ব্াাংক থেদক নারসর আহদমেদক তারলকা থেওয়ার পর ত ১৭
থসদেম্বর রবষয়টট পররাষ্ট্র মন্ত্রণালয়দক জানাদনা হয়। এরপরই এই জারলয়ারতর ঘটনা ধরা পদড়। কারণ,
নারসর আহদমে নাদম পররাষ্ট্র মন্ত্রণালদয় থকানও পররচালকই থনই।
22:19:12 19
Decommissioning………
বাাংলাদেশ ব্াাংক থেদক এবার তে্ চুরর
থ ালাম মওলা
প্রকারশত: ২২:৩৮, অদটাবর ১৫, ২০১৮ | সবদশষ
ব আপদেট: ২২:৪০, অদটাবর
১৫, ২০১৮

 বাাংলাদেশ ব্াাংদকর র্নরব বরাবর পািাদনা পররাষ্ট্র সরচব শহীেুল হক স্বাক্ষরিররত রচটিদত বলা
হয়, ‘ ত ১৭ থসদেম্বর বাাংলাদেশ ব্াাংদকর ব্াাংরকাং প্ররবরধ ও নীরত রবর্া থেদক আমরা একটট
পে পাই। যার মাধ্দম তোকরেত নারসর আহদমে, পররচালক (ইেএন) এর েৃটষ্ট আকষণব
করত, থেদশর সব তফরসরল ব্াাংদকর পররচালনা পষদের ব থচয়ারম্ান ও ব্বস্থাপনা
পররচালকদকর তারলকা থেওয়া হদয়দে। রচটিদত বলা হদয়দে, পররাষ্ট্র মন্ত্রণালদয় নারসর
আহদমে নাদম থকানও পররচালক কমরত ব থনই। জারতসাংঘ অনুরবর্াদ ও (ইেএন) এই নাদম
থকানও কমকতব ব া বা কমচারী
ব কমরতব থনই। এ কারদণই পে পাওয়া মাে আমরা বাাংলাদেশ
ব্াাংদকর সাংরিষ্ট শাখায় থযা াদযা করর। জানদত পারর, পররাষ্ট্র মন্ত্রণালদয়র পররচালক
পররচালক (ইেএন) পররচয় রেদয় জননক নারসর আহদমে সব তফরসরল ব্াাংদকর পররচালনা
পষদেরব থচয়ারম্ান ও ব্বস্থাপনা পররচালদকর তারলকা থচদয় বাাংলাদেশ ব্াাংদকর ব্াাংরকাং
প্ররবরধ ও নীরত রবর্াদ র কাদে জাল রচটি পাটিদয়দেন। যার পররদপ্ররক্ষরিদত ওই ব্ক্তিদক তারলকা
পািাদনা হদয়দে। আমরা ওই রবর্া থেদক আরও জানদত থপদররে, ব্াাংরকাং প্ররবরধ ও নীরত
রবর্া থেদক জারলয়াতকারী নারসর আহদমেদক ওই তারলকার সফট করপ ই-থমইদলর
মাধ্দমও পািাদনা হদয়দে।’
 রচটিদত পররাষ্ট্র সরচব েদেখ কদরন, পররাষ্ট্রমন্ত্রী এ রবষদয় দ্রুত ব্বস্থা রনদত অনুদরাধ
জারনদয়দেন।
 প্রসেত, ২০১৬ সাদলর ৪ থফবরুয়ারর যুিরাদষ্ট্রর থফোদরল ররজার্ব ব্াাংক অব রনেইয়দকব
(থফে) ররক্ষরিত বাাংলাদেশ ব্াাংদকর রহসাব থেদক ১০ থকাটট ১০ লাখ েলার চুরর হয়। পাাঁচটট
22:19:12 20
Depreciation & Disposal….
Depreciation:
 Total useful life time of PC, Laptop, Server and other hardware
will be 5(Five) years.
 For AS-400 midrange computer life time will be 10 (Ten) years.
 For software life time will be 10 years.
 Depreciation should be calculated on the straight line method.
Straight Line Depreciation = (Purchase Price of Asset -
Approximate Salvage Value) ÷ Estimated Useful Life of Asset

22:19:12 21
Depreciation & Disposal….
Disposal procedure
ITOCD will investigate the request properly and will take either of
the following decisions:
a. hardware/software is repairable/updateable/ upgradeable
b. hardware/software is reusable (in case of replacement due to
lower configuration )
c. hardware/software is permanently obsolete due to unavailability
of spares or any other unrecoverable or unavoidable causes
d. hardware may be dismantled and used for spare parts purpose

22:19:12 22
Depreciation & Disposal….
After the decision the following measures will be taken:
 If the hardware/software is repairable/updateable/
upgradeable ITOCD/ ISDD will take necessary
initiatives/steps for the same.
 In case of replacement of higher configuration then
considering the necessity of the user the
hardware/software may be redistributed within the
department/office or other department/ office or it may be
distributed to Bangladesh Bank Schools or anywhere else
as per management decision as part of Corporate Social
Responsibility(CSR).
22:19:12 23
Depreciation & Disposal….

When the hardware/software is treated as

permanently obsolete the hardware/software may be
disposed of by CSD-1 through auction or may be
crashed as per management decision
Incase of branch offices similar steps of disposal
should be followed by respective branch offices.

22:19:12 24
Depreciation & Disposal….

 Before disposal /re-distribute/send to vendor for

claiming warranty it must be confirmed that the
hardware contains no data.
 For security HDD must be preserved BB premises
instead of warranty claim
 Policy/Law should be formulated regarding HDD
management with vendor
 Special care should taken with handling storage.
22:19:12 25
Maintenance…..
PC Configuration Management:
 To eliminate as many risks and threats to a computer system as necessary.
System Hardening:
 Hardening refers to providing various means of protection in a computer
system.
 Protection is provided in various layers and is often referred to as defense in
depth.
 Protecting in layers means to protect at the host level, the application level,
the operating system level, the user level, the physical level and all the
sublevels in between. Each level requires a unique method of security.

22:19:12 26
Maintenance…..
PC Configuration Management (contd.)
Common hardening activities for a computer system include:
 Keeping security patches and hot fixes updated
 Monitoring security bulletins that are applicable to a system’s operating system
and applications
 Installing a firewall
 Closing certain ports such as server ports
 Not allowing file sharing among programs
 Installing virus and spyware protection, including an anti-adware tool so that
malicious software cannot gain access to the computer on which it is installed

22:19:12 27
Maintenance…..
PC Configuration Management (contd.)
Common hardening activities for a computer system include:
 Keeping a backup, such as a hard drive, of the computer system
 Disabling cookies
 Creating strong passwords
 Never opening emails or attachments from unknown senders
 Removing unnecessary programs and user accounts from the computer
 Using encryption where possible
 Hardening security policies, such as local policies relating to how often a
password should be changed and how long and in what format a password
must be in

22:19:12 28
Maintenance…..
PC Configuration Management (contd.)
 Every PC should maintain a standard configuration before using it in BB
Network.
 ITOCD formulate a standardization process for system as well as operating
system hardening.
 BB’s PC Standardization include:
I. Operating System: Windows 10(64 bit).
II. Drivers: All Hardware Drivers and commonly used Printer drivers required
to be installed.
III. Partition: C: 250, D: 250 (2 Drives, 500GB HDD).
IV. Office 2007(12.0.4518), Office 2016 for next lot PC.

22:19:12 29
Maintenance…..
PC Configuration Management (contd.)
 BB’s PC Standardization include(contd..):
V. Bijoy Ekhushe-2011(1.0.0),(Conversion addins for Unicode).
VI. Foxit Reader (7.1.3)
VII. MS Word Addins for PDF (12.0.4518)
VIII. Winrar (5.10.0)
IX. Flash Player (19.0.0)
X. Java (7.0.150)
XI. Adobe Reader (10.0.3)
XII. BB Purchased Antivirus (8.8.066)
XIII. Monitoring tools / Agents
XIV. Windows Firewall will be managed by Antivirus.

22:19:12 30
Maintenance…..
PC Configuration Management (contd.)
 BB’s PC Standardization include(contd.):
XV. Windows Auto Update: ON
XVI. Remote Desktop: OFF
XVII. Domain group “MGP” should be added on Administrators group.
XVIII. Temporary Local User “supplier” with Administrative privilege will be created and have to
disable after finishing of vendor work.
XIX. Temporary Domain User “Flora2016” with Admin Power will be created in domain and have
to disable after finishing of vendor work.
XX. HP Recovery Drive: Not required & restore point must be set.
XXI. BIOS must be protected with Password.
XXII. CD &USB Boot menu in BIOS must be Disabled/Password Protected.
XXIII. Physical Lock System (For next Lot).

22:19:12 31
Maintenance…..
PC Configuration Management (contd.)
 BB’s PC Standardization include (contd.) :
xxv. Internet Explorer: Present Version “Microsoft Edge 25” with compatibility mode enabled for
banking purpose.
xxvi. USB Ports for storage devices must be blocked from windows group policy.
xxvii. Windows Log must be preserved for 1(One) Year on C Drive and preserve log on other drive
when new OS installation required in case of OS failure.
xxviii. Disable Unwanted Services for “One drive” & “Skype”.
xxix. Disable NetBIOS.

22:19:12 32
Maintenance…..
Maintenance & Service Level Agreement (SLA) Management
 Perform Vender management including Service Level Agreement (SLA) and service escalation matrix
Maintenance:
Under warranty period
 CSD-1/ITOCD will ensure vendor support on ICT hardware & software covered under warranty
period. CSD-1/ITOCD will monitor these support
 services and maintain escalation matrix as per contract.
Post warranty period
 ITOCD/ISDD will provide support on ICT hardware & software for the post warranty period

22:19:12 33
Maintenance…..
ICT Support/End user Support:
Communication & Maintenance Division of ITOCD and ICT Cell of respective office provide all kinds
of ICT related support to end users. This may be categorized as:
a. Hardware
b. Software/Application
c. Network
d. Others
Users can create an incident regarding any ICT support through this link http://helpdesk.bb.org.bd

22:19:12 34
Maintenance…..

ICT Support/End
user Support with
ICT Help Desk:
1. Login with
domainID
2. Create Incident
by clicking New
Incident Tab

22:19:12 35
Maintenance…..

Helpdesk
(Contd.):
 New Incident
Creation:

22:19:12 36
Maintenance…..

22:19:12 37
Maintenance…..

Help Desk (Contd.):

> Manage Incident:

22:19:12 38
Maintenance…..

ICT Support/End user Support with ICT Help Desk (Contd.):

> Business Support (POC)

22:19:12 39
 Maintenance…..

MAC Binding:
 Introduce for BB Network Security.
 Every Switch port is allowed to bind 02/03 MAC
 If the port limit is full or unknown MAC learn then the port is
disabled automatically.
 Port can be blocked for internet use while the packet limit has
exceeded.
 Flooding detection

22:19:12 40
Maintenance…..
FTP Server for Driver/Software/Utilities
 ITOCD configure a ftp server for online repositories of various
device drivers, application & utilities software:
Browse: http://10.41.240.17 this link with following
credentials:
User:
Password:

22:19:12 41
IT Asset Life Cycle Management…..

22:19:12 42
IT Asset Life Cycle Management…..
Windows Product (OS) Life Cycle:
Product Released Life Cycle Mainstream Extended Support
Start Date Support End Date End Date
Microsoft Windows XP 12/31/2001 4/14/2009 4/8/2014
Professional
Windows 7 January 13, 2015 January 14, 2020

Windows 8.1 January 9, 2018 January 10, 2023

Windows 10 August 2, 2016 October 12, 2021 October 13, 2026

22:19:12 43
 IT Asset Life Cycle Management…..
Windows Product Licensing:
Type Description Benefit Consideration
OEM Software Microsoft software Often the most Licenses must not be
(Original Equipment preinstalled on a new economical way to moved or transferred to
Manufacturer) PC/laptop or server purchase Windows any other hardware or
Operating System for a system.
PC or laptop

FPP Software (Full Generally sold Simple and convenient Can be difficult to track
Packaged Product) pre-packaged in a box – the box contains and manage. Expensive
everything you need for way for businesses to
installing the product buy software licenses.
Volume Licensing License for specified Flexible, designed for Requires 2 or 3 year
(purchasing in bulk, 5+ Microsoft products business. Benefits such commitment. Benefits
licenses) (covered as annual payments & vary between volume
by a license agreement) subscription options. licensing programs

22:19:12 44
IT Asset Life Cycle Management…..

Why
Should
We
Update
?????

22:19:12 45
 IT Asset Life Cycle Management…..

Ransom:Win32/WannaCrypt:
 the leaked America’s National Security Agency (NSA)
eternalblue SMB exploit
 Microsoft Security Bulletin MS17-010 - Critical
 Security Update for Microsoft Windows SMB Server (4013389).
Published: March 14, 2017, Version: 1.0
 No update for Older windows.
 WannaCry attack: 12 May 2017 – 15 May 2017 (initial outbreak)[1]
 Outcome: Over 200,000 victims and more than 300,000 computers
infected across 150 countries.
22:19:12 46
Hardware/ICT infrastructure Administration (contd..)
Areas Covered:
 Procurement(CSD,A&BD,IT)
 Assets & Inventory(All, CSD, IT)
 Decommissioning (CSD, IT)
 Disposal mechanisms(CSD, IT)
 Authentication(CSD,IT,SMD)
 Maintenance(IT)
 Data- in- transit protection(IT)
 Data- at-rest protection(IT)
 Bring-your-own-device
policy(All, CSD,IT)
22:19:12
 Technical specifications (CSD,IT)
 Mandatory and upgradable versions software
specifications(CSD, IT)
 Characteristics of storage encryption
technologies(IT)
 Storage encryption technology planning and
implementation (IT)
 Alternatives to encrypting storage on end user
devices(IT)
 Physical Security of End Devices(All, SMD)
 Accessibility by persons with disability(SMD)
 Audit & Compliance (IAD,DBI)
47
22:19:12 48
22:19:12 49