IT Change Management 101: You can't change what you don't know

Different organizational aspects refuse to comply with the manual processes needed to keep a CMDB updated, and advancements in virtualization have made the situation worse

IT shops continually struggle with keeping resource documentation up to date. Too often IT departments seem resigned to accept mediocre results, as if the world conspires against them. Resource tracking is a prime example of this.

Fundamentally, the different organizational aspects refuse to comply with these manual processes to keep a CMDB updated. Furthermore, advancements in virtualization have made the situation worse, as software resources have been severed from physical resources. Traditional resource tracking methods are further confused as the virtual resources change physical location over time.

[ Keep up on each day's tech news and happenings with the InfoWorld Daily newsletter. ]

This reinforces the protests that an application's dependency profile is too complicated to be 100 percent accurate. Over time, IT has simply accepted the fact that it is totally impractical to keep the physical architecture records of systems up to date manually. Instead of trying to maintain the documentation, it is generated when needed through a time-consuming trial-and-error process, and by the time it is done, it is hopelessly out of date.

Not only is this an inefficient use of people's time, it's no way to manage some of the most important resources in an organization. These IT resources have become a digital backbone upon which most organizations are totally dependent for their very survival. The cavalier attitude toward managing IT resource inventory is dangerous at best and can prove to be catastrophic.

For instance, it's just a matter of time until the next large outage occurs. Despite the best-laid disaster recovery plans, technology has an uncanny ability to fail in unexpected ways; the combinatorial possibilities are immense. Having accurate application maps can make the difference between being the hero and goat. If individual self-preservation isn't motivating enough, there are other practical organizational reasons to keeping this information available: datacenter moves, chargeback models, and consumption analysis to name a few.

Generally this lack of inventory control has been accepted as the status quo despite the clear risks. In no other industry would such poor controls be acceptable. Imagine Wal-Mart's CEO explaining a lack of understanding of store inventory to Wall Street analysts. If such a story broke, he'd be out of a job before the ink dried. IT management shouldn't be allowed to get away with it either.

This is exceedingly frustrating, as application dependency mapping tools have become mature offerings. An application-dependency mapping tool uncovers the otherwise hidden relationships between applications and infrastructure resources. In our experience as former IT practioners, we have implemented such capabilities using a tool from Tideway Systems. Our main goal was to get a better handle on inventory management and resource relationship for a datacenter move, but we quickly realized that there were many additional benefits we could take advantage of:

  • Identification of idle servers for reclamation (we were shocked at how many)
  • Identification of legacy infrastructure that poses a security threat (such as Windows 95/98)
  • Identification of production servers using development or test resources
  • Identification of changes to an environment over time, especially useful for figuring out "what changed" for debugging purposes

In addition, the Tideway repository supports a cradle-to-grave resource management policy. What we found helpful was how Tideway logs all changes that occur to a server over time, not just the last scanning sweep. Even if a resource isn't available for an extended period of time, Tideway will unobtrusively remember its existence should it resurface, which can come in quite handy.

All this came flashing back when we heard Tideway has made a community version available for download. We were pleasantly surprised to learn that it's the full-blown version with the only limitation being 30 deep scans. The tool's ability to map out the high-level relationships and the lack of a trial expiration date makes it a really powerful and handy resource.

Tideway's bet is that once you experience the value of having this information at your fingertips, you won't want to live without it. Besides, it's high time that every IT department really understands its asset inventory.

Our suggestion is whether it is a best in class tool like Tideway or any other, firms must leverage such a capability to drive change across its IT platform.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies