Ask HN: First job in IT, what best practices should I get in to?

One best practice is to RESPECT the people who built the systems that are already in place. Think about it, they were able to achieve so much financial success that they were able to hire the best and brightest: YOU

So, respectfully implement the obvious stuff like version control, backups, etc and leave all of the 'can you believe how crappy this is' attitude at home. I'm extrapolating a bit from your 'horrendously designed' and 'zero knowledge' comments. Those people probably still work there, or are thought of fondly by the people who remain!

I'd recommend starting out early with good password management. KeePass Professional Edition is what I use since it offers several huge advantages.

First, you only need to come up with one good password (the one for the actual password file). If you ever leave the job, you just have to give them that one password and they can access the rest.

Second, it makes it easy for you to have good passwords for your resources. Plus, each resource can have a different password, so it may help limit the spread of an attack.

Third, if the company hires more IT staff, you can just copy the password file, rename it, change the password, give it to the new person, and have them change the password again. Probably not the best solution for 5+ people, but works well enough in small groups.

Fourth, KeePass offers a portable installation, which you can stick in Dropbox, on a usb drive, or wherever (no internet access needed). This is really helpful when you need to type in the password to the firewall that just took down the internet to your network.

Fifth, it's open source and free!

If there are key critical systems, you want to have some documented plans down to checklists of things to do if there is some sort of emergency. I work in BigCo and having redundancy is nearly mandatory for all of our critical stuff. That may not be affordable for a small business, although if you phrase it in a way that electrical engineers would understand (fail safe like a GFCI interrupt or breaker) they might buy into it for a critical system. Bad things happen and if you can get them back up and running ASAP (e.g. failover to redundant system) and then fix the broken system you'll have less headaches.

Setup version control and use it, it's like having a time machine if you mess something up and need to get back to a working state. Git is all the rage, but Subversion is simple to setup and run and understand. It's just you so having a distributed VCS isn't likely to reap any rewards.

Use an agile approach when delivering features/changes. Build an entire "vertical" of a change like say moving one app from MS Access to a Web UI completely (or whatever you're going to move it to). If you design and develop each layer, like db access, business objects, UI in serial fashion then it will be a longer time before end users can give you feedback. Get that feedback as early an often as possible.

Sounds like you're off to a good start! :) Getting everything backed up soon is important; if things were implemented marginally, you don't know how long it will run before something crashes or hardware dies. Without a backup, you could then be in a rough spot... Also make sure that you test out the recovery from backup. I think documenting as you go is a great step, and is an easy way to generate a regular status report to show your boss what you've accomplished. You might want to start looking into the hardware that the systems are running on; are they working reliably, is there any redundancy (RAID, multiple servers, etc) and/or spare parts available. Once things are stabilized, I would continue refactoring the databases without making any user-visible changes (besides the improved performance once indexes are added :) Good luck!

The situation you describe is probably not that uncommon.

The habits I'd recommend are general enough that they'd apply everywhere: Documentation and testing of all kinds. An ingrained resistance to be tied to any one technology, platform or stack. Clear communication. A curious mind.