Systems and data recovery is another example of similar processes being executed in the normal and disrupted state. Traditional backup systems back up data during normal operations but they very seldom focus on processes that will allow a recovery within the window required by most disruptive events. Since many normal and disruptive state management tasks are similar, it is logical to conclude that if we architect for the disruptive state we will also realize improvements in the responsiveness of the normal state management tasks.
It is important to recognize the enterprise-wide scope of managing in the normal and disrupted state. During the transition phase the management software must be capable of connecting to and managing the entire computing environment. This environment includes servers, network devices, desktops, laptops and handheld devices in both wired and wireless environments.
Consider three key pain points often highlighted during CIO discussions.
The challenge of migrating and building systems at the rate of arrival of new operating systems has become so difficult that some CIOs see it as a career-threatening event. The process involves determining, first of all, what is exactly on every machine in the enterprise, setting the standards for a new operating environment, preparing that environment for deployment and then finally deploying the change. The whole process takes significant manual activity and expertise and can be so difficult that many organizations still have yet to migrate to Windows XP while a new Windows environment is already inevitable with Microsoft’s Longhorn. Provisioning is traditionally a normal state management task but it is a good example of an area that needs significant improvement through automation.
The ability to completely patch and configure machines presents a large problem—primarily because the threat landscape evolves more quickly than the patch process can update the software. Viruses such as Sasser and Blaster are proof that virus writers will continue to exploit vulnerabilities—Sasser was released into the wild less than three weeks after Microsoft announced the vulnerability it exploited. The window of opportunity in which IT can react to vulnerabilities continues to decrease. Patch Management is mostly a disruptive state application but as stated previously it can be thought of as a highly responsive component of normal state provisioning.
Protection & Recovery
It goes without saying that generally data should be protected but organizations should also have a backup and disaster recovery plan that will help them recover in the event of a successful attack. Data recovery has become a heightened concern because the rate of attack is increasing, so the probability of having to recover is higher. Additionally, having an infrastructure where the accuracy of financial reporting, the privacy of personal information, security and other process certifications is becoming the personal responsibility of executives. This level of infrastructure accountability is driven by regulations, such as Sarbanes-Oxley, HIPAA and FISMA. The scope of recovery solutions must include desktops, PDAs, servers, and laptops and must have recovery times that are measured in minutes.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.