A Holistic Approach to Securing the Enterprise
by Don Kleinschnit - Vice President Of Product Delivery At Symantec’s Enterprise Administration Business Unit - Friday, 2 July 2004.
The continuance of malicious computer attacks has made security a front page topic in almost every board room and IT oversight committee. Most IT departments accept that routine updates to software operating environments are a necessary part of managing systems.

It’s also not hard to convince the IT professional that the protection of data assets forms the foundation of recovering from a disruptive event. But very seldom do we think of security, systems and storage management as part of a seamless and holistic approach to securing the enterprise. Considering the rate at which vulnerabilities show up in our computing environment and the speed at which they can be exploited, we need to rethink how these three management environments should be leveraged. After all, "The only truly secure infrastructure is a managed infrastructure!"

As the list below suggests, the administrative job of managing and securing the enterprise is complex and convoluted, and it relies on loosely integrated software that attempts to automate the normal operations of the enterprise.
  • Firewall management
  • Virus definition updates
  • Data backup
  • Applications update
  • Software licensing compliance
  • Vulnerability assessment
  • Disaster recovery
  • Storage provisioning
  • OS upgrade & provisioning
  • Archive policy
  • File recovery
  • Asset inventory & reporting
  • Repurposing
  • Common operating environment policy
  • Patch installation
However, in today’s heavily exploited environment we must ensure that the security, systems and storage management elements of the infrastructure can not only manage during normal conditions, but also manage effectively through the disruption of an exploit. Stated differently, security, systems and storage management systems must effectively manage during normal state and disruptive state conditions. Clearly the disruptive case is the more difficult state to manage.


What is a Disruptive State?

When an enterprise enters a disruptive state, it is a serious change in status, evidenced by the number of IT executives who are suddenly visible in meetings, phone calls and triage sessions. The entire enterprise enters a lockdown as the IT departments identify the threat, determine the vulnerabilities, plan corrections and wait for an exploit. The entire enterprise is holding its breath. The IT organization works long hours to secure servers, desktops, laptops and, most recently, handheld mobile devices. Often the more controlled processes and management automations give way to the deployment of individual experts to manually correct known problems and hunt for leaks in the infrastructure. The frequency and duration of disruptive states, and the damage that occurs during them, give rise to new challenges faced by IT management products.
