Sunday 14 February 2010

Management tools - command & control risk?

Those who know me understand just how much I loathe FUD, but here's a question I've been posed for some time and have been asking each IT vendor I meet.

The more common silo'd IT infrastructure is (thankfully) rapidly consolidating and moving to a 'shared infrastructure' approach, with individual assets providing service to more and more concurrent applications. Naturally there is a push to improve the management tools for such things (well, let's face it, they couldn't get much worse), to enable fewer people to manage wider logical estates, combined with a much more dynamic & agile configuration time-frame.

We hear lots about these management tools being based upon a role based access & security model (in effect domaining/sharding the size of the risk an individual can create), but :-
"How many of these tools allow for a 'peer approval required' model ('4 eyes better than 2') against certain actions?"
The request here is to be able to restrict certain destructive and/or disruptive management configuration actions so that two (or more) administrators must 'sign' the change before the system accepts & enacts the action. This allows a small number of administrators in a company to continue to have a very wide view of the estate, while hopefully mitigating the risk of a lone admin's actions (malicious, accidental or otherwise). The role based approach appears either to drive up the overall quantity of FTEs needed or to force a significant compromise of the role segregation model.

Think here about just how many SAN/LAN switch ports, LUN configurations, virtual servers or backup/recovery jobs can be impacted in 10 minutes with these centralised tools, by a lone sysadmin with a legitimate password & authorisation?
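A sketch of the 'peer approval required' gate described above, as an added example that is not taken from any vendor's tool: the change is enacted only when enough distinct administrators have signed exactly the same change. The admin names, keys, action names and the `REQUIRED_SIGNERS` policy are all constructed for illustration, and HMAC with per-admin secrets stands in for whatever per-user signing credential a real tool would use.

```python
import hashlib
import hmac
import json

# Constructed per-admin signing keys; a real tool would use per-user
# credentials (smart card, HSM-backed key), not secrets held in a dict.
ADMIN_KEYS = {"alice": b"k-alice", "bob": b"k-bob", "carol": b"k-carol"}

# Hypothetical policy: signatures required per action; unlisted actions need 1.
REQUIRED_SIGNERS = {"lun.delete": 2, "switch.port.disable": 2}


def canonical(change):
    """Stable byte encoding so every signer signs exactly the same change."""
    return json.dumps(change, sort_keys=True, separators=(",", ":")).encode()


def sign(admin, change):
    """Return this admin's signature (HMAC-SHA256) over the change."""
    return hmac.new(ADMIN_KEYS[admin], canonical(change), hashlib.sha256).hexdigest()


def authorize(change, approvals):
    """approvals: list of (admin, signature). Returns (allowed, reason)."""
    needed = REQUIRED_SIGNERS.get(change["action"], 1)
    valid = set()  # a set, so one admin signing twice still counts once
    for admin, sig in approvals:
        key = ADMIN_KEYS.get(admin)
        if key is None:
            continue  # unknown identity: ignored
        expected = hmac.new(key, canonical(change), hashlib.sha256).hexdigest()
        if hmac.compare_digest(expected, sig):
            valid.add(admin)  # signature matches this exact change
    if len(valid) < needed:
        return False, f"{len(valid)} of {needed} required signatures"
    return True, "approved by " + ", ".join(sorted(valid))


if __name__ == "__main__":
    change = {"action": "lun.delete", "target": "array1/lun42", "requester": "alice"}
    alone = [("alice", sign("alice", change))]
    print(authorize(change, alone))
    print(authorize(change, alone + [("bob", sign("bob", change))]))
```

Because each signature covers the canonical form of the whole change, an approval given for one target cannot be reused to push through a different one.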

Time for the technology to match the human issues and processes?

1 comment:

  1. How about time to hire guys you trust and stop outsourcing critical infrastructure to guys who don't even know how to pronounce their last names?

    Personally, that's what I think the problem is.

    People are suddenly realizing there is maybe a not so obvious issue with having some guy who does not even work for your company, who does not care, and who probably does the same work for your competitor do critical infrastructure management.