The more common siloed IT infrastructure is (thankfully) rapidly consolidating and moving to a 'shared infrastructure' approach, with individual assets providing service to more and more concurrent applications. Naturally there is a push to improve the management tools for such things (well, let's face it, they couldn't get much worse), to enable fewer people to manage wider logical estates, combined with a much more dynamic & agile configuration time-frame.
We hear lots about these management tools being based upon a role-based access & security model (in effect domaining/sharding the size of the risk an individual can create), but :-
"How many of these tools allow for a 'peer approval required' model ('4 eyes better than 2') against certain actions?"
The request here is to be able to restrict certain destructive and/or disruptive management configuration actions so that they require two (or more) administrators to 'sign' the change before the system accepts & enacts the action. This would allow a small quantity of administrators in a company to continue to have a very wide view of the estate, while hopefully mitigating the risk of a lone admin's actions (malicious, accidental or otherwise). The role-based approach appears either to drive up the overall quantity of FTEs needed or to force a significant compromise of the role segregation model.
Think here about just how many SAN/LAN switch ports, LUN configurations, virtual servers or backup/recovery jobs can be impacted in 10 minutes with these centralised tools by a lone sysadmin with a legitimate password & authorisation.
Time for the technology to match the human issues and processes?
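The 'peer approval required' gate requested above, as an added example that is not taken from any management tool: a destructive action is enacted only when enough distinct administrators have signed the exact change. The action names, admin names and keys are constructed, and HMAC stands in for the per-administrator signatures a real tool would verify.

```python
import hashlib
import hmac
import json

# Constructed demo keys; a real tool would verify asymmetric signatures
# tied to each administrator's identity instead of shared HMAC secrets.
ADMIN_KEYS = {"alice": b"demo-key-a", "bob": b"demo-key-b", "carol": b"demo-key-c"}

# Hypothetical action names: signatures required before the action is enacted.
REQUIRED_SIGNERS = {"delete_lun": 2, "disable_switch_port": 2, "purge_backup_job": 3}


def change_digest(change: dict) -> bytes:
    """Canonical hash of the change, so an approval covers exactly one request."""
    return hashlib.sha256(json.dumps(change, sort_keys=True).encode()).digest()


def sign(admin: str, change: dict) -> str:
    """Produce an admin's approval token over the change digest."""
    return hmac.new(ADMIN_KEYS[admin], change_digest(change), hashlib.sha256).hexdigest()


def valid_signers(change: dict, approvals: list) -> set:
    """Return the distinct known admins whose signature matches this change."""
    signers = set()
    for admin, signature in approvals:
        key = ADMIN_KEYS.get(admin)
        if key is None:
            continue  # unknown identity never counts towards the quorum
        expected = hmac.new(key, change_digest(change), hashlib.sha256).hexdigest()
        if hmac.compare_digest(expected, signature):
            signers.add(admin)  # a set, so one admin signing twice counts once
    return signers


def authorise(change: dict, approvals: list) -> bool:
    """Enact only when enough distinct admins signed; unlisted actions need one."""
    needed = REQUIRED_SIGNERS.get(change["action"], 1)
    return len(valid_signers(change, approvals)) >= needed


if __name__ == "__main__":
    change = {"action": "delete_lun", "target": "lun-0042"}  # constructed request
    alice = ("alice", sign("alice", change))
    bob = ("bob", sign("bob", change))
    print(authorise(change, [alice]))        # False: lone admin
    print(authorise(change, [alice, bob]))   # True: two distinct signers
```

Because each approval is bound to the digest of the full change, a signature collected for one target cannot be replayed against another.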