CM or Die
For the IT professional, Configuration Management is probably one of the most despised yet one of the most important functions of the job. Performing configuration management tasks is only a shade more interesting than watching paint dry. Forms, paperwork, documentation – tedious and laborious tasks by any individual’s definition. Most professionals I know would rather have their toenails ripped out. However, a solid configuration management program pays significant dividends.
Before jumping into the benefits, let’s start with the basics. What is configuration management? Technically speaking, configuration management is an engineering process used to ensure that a system’s attributes remain consistent with operational requirements. In other words, it’s the process we use to make sure that changes don’t break anything.
Believe it or not, most complex systems are not just thrown together; these systems are designed to satisfy a specific purpose. However, nothing is this life is static. Hardware parts become discontinued, new software versions are released, and operational needs evolve. All these changes could significantly impact the ability of the original system to perform its function. Hence, the need for configuration management is very real.
How does this relate to the world if information technology? Well, I’m sure that most of us have unboxed a new computer and deployed it to a user. We’ve taken care to set all the correct policies. Every application is installed according to the checklist. The new computer runs without a flaw. The user logs on and expresses amazement on how fast their new machine runs. We’ve attained hero status in their eyes. Life is good.
Then a week goes by, and we get a call from our new best friend, except they aren’t happy now. The brand new desktop that we delivered last week runs dog slow. The user demands to know why we would give them that piece of trash. Fix it or else!
We take the computer back to the shop. It only takes about two minutes to discover the problem – a combination of adware and an unauthorized VM successfully suck up all the resources. Mystery solved.
Of course, this is just an example. In the enterprise world, software restriction policies would prevent the installation of new applications, and no respectable IT professional would ever provide local admin privileges to a user. The consumer market is a little more troublesome, but the moral of the story remains valid: Bad configuration management inevitably leads to poor and unpredictable system performance.
Perhaps more seriously, system security demands proper configuration management. The system design specifies component configurations that guard against unauthorized access. A configuration management process requires a review of system changes before installation to avoid creating vulnerabilities. In addition, a configuration audit procedure periodically verifies that devices are configured correctly for security and do not provide a path for access.
All this said, one truth still remains – performing configuration management tasks are incredibly boring. I’m sorry, but I have no solution to that. All I can say is that your users greatly appreciate your efforts to provide a stable and secure environment.