Maintain a stable and secure IT infrastructure

‘Maintain a stable and secure IT infrastructure’ is the destination most stakeholders clearly understand. Building a short, conversational statement that summarizes what you do? This should be the start of that statement.

Here’s an example:

Work force consultant:  “So what would you say it is that you do here?”

You:  “I maintain stable and secure IT infrastructure by <fill in whatever it is that you do here>”

Everything to the left of ‘by’ in the reply has some meaning to most people.  What I mean is:

  • Maintain – the actions required to make and keep the infrastructure stable and secure.
  • Stable – you can depend on the information to be available and work as intended when you want it.
  • Secure – you know that only the people authorized to access your information have access to it.
  • IT infrastructure – the IT staff, hardware, software and connections that supply the organization with information.

That’s the left side from the ‘by’.  Completing the right side of the ‘by’ is the short statement of your role in making the left side happen.

Maintain

The actions required to keep the infrastructure stable and secure focus on handling change. Change introduces instability. Someone (usually other than you) makes a change in the normal course of their job. To maintain stability and security, you monitor for system changes.

  • Did the workload increase substantially on a server?
  • Was a new application loaded on an endpoint that you didn’t add? 
  • Did a new endpoint appear in the network (especially if you didn’t add it)? 
  • Is the backup completed and usable?

A monitoring system identifies potential destabilizing changes of state.  Here are examples of destabilizing changes that can be monitored:

  • A significant and ongoing increase in activity level can overwhelm the infrastructure.  The load change may go beyond bandwidth and/or server capacity.
  • Addition of malware or a virus is a change that can create a big infrastructure disruption.  Malware is an example of a new application on an endpoint that you didn’t add.
  • A user places a home router on their network port so they can have their own personal wireless access.  The home router may have a DHCP server or weak wireless security.  The change disrupts network traffic and opens a security hole.
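The checks listed above can be expressed as a comparison between an approved baseline and the currently observed state. The following is an added example, not part of the original article; the inventory values, the data layout and the 2x load tolerance are all constructed assumptions.

```python
# Constructed baseline: what IT has approved (all values are made-up samples).
BASELINE = {
    "endpoints": {"00:11:22:33:44:01": "pc-acct-01", "00:11:22:33:44:02": "srv-file-01"},
    "dhcp_servers": {"10.0.0.2"},
    "software": {"pc-acct-01": {"office", "edr-agent"}, "srv-file-01": {"backup-agent"}},
    "avg_load": {"srv-file-01": 0.30},  # typical CPU utilisation, 0..1
}

# Constructed observation: what discovery and inventory tools report now.
OBSERVED = {
    "endpoints": {"00:11:22:33:44:01": "pc-acct-01", "00:11:22:33:44:02": "srv-file-01",
                  "de:ad:be:ef:00:99": "unknown"},
    "dhcp_servers": {"10.0.0.2", "192.168.1.1"},
    "software": {"pc-acct-01": {"office", "edr-agent", "freetoolbar"},
                 "srv-file-01": {"backup-agent"}},
    "avg_load": {"srv-file-01": 0.85},
}

LOAD_FACTOR = 2.0  # assumed tolerance: alert when load exceeds 2x its baseline


def detect_changes(baseline, observed, load_factor=LOAD_FACTOR):
    """Return sorted (kind, subject, detail) tuples for out-of-tolerance changes."""
    findings = []
    # Endpoints seen on the network that nobody in IT added.
    for mac in observed["endpoints"].keys() - baseline["endpoints"].keys():
        findings.append(("new_endpoint", mac, observed["endpoints"][mac]))
    # DHCP servers answering that are not approved (e.g. a home router).
    for ip in observed["dhcp_servers"] - baseline["dhcp_servers"]:
        findings.append(("rogue_dhcp", ip, "DHCP offers from unapproved server"))
    # Applications present on a host that are not in its approved set.
    for host, apps in observed["software"].items():
        for app in apps - baseline["software"].get(host, set()):
            findings.append(("unapproved_software", host, app))
    # Sustained load well above the host's own baseline.
    for host, load in observed["avg_load"].items():
        base = baseline["avg_load"].get(host)
        if base is not None and load > base * load_factor:
            findings.append(("load_increase", host, f"{base:.2f} -> {load:.2f}"))
    return sorted(findings)


if __name__ == "__main__":
    for kind, subject, detail in detect_changes(BASELINE, OBSERVED):
        print(f"{kind:20} {subject:20} {detail}")
```

Each finding is the kind of out-of-tolerance variance that should open a help desk incident before a user has to call one in.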

For most companies, the entire monitoring system is the system users.  Their monitoring results are help desk calls.  Yes, the help desk IS a source of monitoring feedback.  At the least, incidents handled by the help desk point to new areas to monitor.  Automated monitoring system warnings should displace end user help desk calls.  Monitor notifications report out-of-tolerance variances and become help desk incidents. See the ITIL practices:  Problem management and incident management.

Having a monitoring system, and acting on its results, goes a long way to maintain stability.  See the ITIL practice:  Monitoring and event management.

Then there are the changes IT makes to the system.  Application and operating system introduction and upgrades.  Endpoint and server expansion and replacement.  Network – router, switch, access point, wiring – additions and changes. Some changes, like most wiring installation, are low risk.  Other changes – especially application changes – can cause a visible work disruption. Maintaining a stable and secure infrastructure hinges on careful handling of these controlled changes.

  • How are changes tested?  
  • How do changes progress from development, to beta, to production?
  • Who reviews and approves the changes?
  • When does the release to production happen?
  • What rollback mechanisms are in place?

Time invested in the release process results in big increases in stability.  See the ITIL practices:  Change enablement, release management and deployment management.  For rollback mechanisms, see the ITIL practice:  Service configuration management.  

Stable

Having the programs and information available and working is a basic organizational need.  When do the services need to be available?  When anyone in the organization needs the services.  Each user judges availability when they try to access a service.  If it was available quickly enough for their tastes, then you succeeded.  Using the IT infrastructure without unusual actions on their part is the stability measure.

Does that mean 24x7x365 access?  Maybe.  It depends on:

  • the services IT supports and provides,
  • the IT infrastructure investment which the organization is willing to make, and
  • the organizational work habits. 

There is always a service level agreement, even if it is only implicit.  The service level agreement identifies the services required and the expected service level.  An explicit uptime agreement for each service drives the IT infrastructure investment level.  It determines the availability management expects users to accept for the IT investment made. See ITIL practice:  Service level management.

Secure

A stable network requires a secure network. Less access, less information to corrupt and systems to break. Less change and fewer change sources. Provide too much access, and you will be lucky to only have to restore information.  The consequences of the wrong information getting out may go way beyond IT concerns.

Only organization management can determine who gets access when and to what. A secure and stable infrastructure begins with a clear process for implementing access.

An important distinction:  access is different from authentication.  Authentication determines whether a user can access the system at all.  Management says when a user can use the system.  IT establishes authentication.   Management also indicates what a user can do after authenticating to the system.  That is access.  IT grants the approved access.

Group membership helps manage access levels.  The limits on what the user can do are bounded by the group access levels.

Authentication and access may involve physical barriers.  Physical barriers may be as simple as which switch port to use.  The switch port may have extra authentication requirements, such as 802.1X.  The switch port may determine VLAN membership.  The VLAN membership can restrict access to hosts within a VLAN.

Keeping the network secure relies on both security and infrastructure monitoring.  Security monitoring focuses on detecting intentional acts, such as malware installation.  The monitoring can look for program signatures and specific behavior.  Keeping a network secure requires security focused monitoring and testing.  Infrastructure monitoring looks for changes that may have a security problem as the source.  For example:  an alert may report network traffic spiking from increased activity.  A security breach may be the source of the activity increase.

Success in keeping a network secure is a precondition to keeping a network stable.  See ITIL practice:  Information security management.
