What Is Configuration Management and Why Is It Important?

Last updated by UpGuard on October 9, 2019

scroll down

As an IT manager or engineer, you can sometimes get so thick in the details that it can be challenging to step back and answer the fundamental questions. Sure, you wrote the scripts that automate your systems. You also train users to understand the tools that implement configuration management. However, you also struggle to answer why your business should have configuration management teams, automation and tools like Ansible or CFEngine. Don't worry, if this has ever happened to you, remember that you’re not alone.

Configuration Management is.... [just google it]

1. Why Is Configuration Management Important?

Technology probably powers your business. How? If you sell SaaS (software-as-a-service), technology is the product. Even if you don't sell software, all companies today use technology systems to automate their processes. The configuration of your systems is critical to your success. Configuration makes your systems work. The servers, networks, operating systems, data centers, configuration files, IT assets, and all other configuration items. Open the 'Settings' menu in any software, and you're looking at configuration. You need to manage it carefully and keep track of configuration changes and ensure traceability, or your business and your end users will suffer from system outages and security breaches. Some businesses even have a configuration management database (CMDB),  configuration management plan and a configuration manager to ensure successful configuration management.

Configuration management (CM) is a form of IT service management (ITSM) as defined by ITIL that ensures that the configuration of these technology systems is known, good and trusted; and doesn’t rely on tacit knowledge in people's heads. It is sometimes referred to as IT automation. Being able to access accurate records of the state of your systems is essential and baselining an attribute can ensure formal configuration change control processes are effective. This is why version control of all critical IT infrastructure is important. Not only for project management, asset management and audit purposes, but for software development activities such as debugging (for example, knowing what has changed between one set of tests and the next to help identify what could be causing a fault).

By adopting configuration management, you will benefit from:

  • Reduced risk of outages and security breaches through visibility and tracking of the changes to your systems.
  • Cost reduction by having detailed knowledge of all the elements of your configuration, avoiding wasteful duplication of your technology assets.
  • Improved experience for your customers and internal staff  by rapidly detecting and correcting improper configurations that could negatively impact performance.
  • Strict control of your processes by defining and enforcing formal policies and procedures that govern asset identification, status monitoring, and auditing.
  • Greater agility and faster problem resolution, enabling you to provide a higher quality of service and reduce software engineering costs
  • Efficient change management by knowing your baseline configuration, and having the visibility to design changes that avoid problems.
  • Quicker restoration of service. In an outage, you'll be able to recover quickly as your configuration is documented and automated.
  • Better release management and clear status accounting

Another way to answer this question is to consider where software configuration management gets applied to the service lifecycle in enterprise IT. With DevOps teams taking the United States and world by storm, it is important to articulate that configuration state is critical during the entire execution phase and even more vital as handoffs occur throughout each stage. As you can see from the diagram below, it is a critical component throughout the plan, build, run and govern processes and handoffs that occur daily within an typical IT enterprise - whether you’re ‘doing DevOps’ or not.

Configuration Management

2. What Happens If We Don’t Do Configuration Management?

There’s a commercial that you may have seen. An auto mechanic talks about a costly engine repair that could have been avoided if the car’s owner had replaced his oil filter. The mechanic says:

“You can pay me now, or you can pay me later.”


The quote is just as valid concerning configuration management.

You can avoid the costs associated with configuration management by not bothering to employ it in your enterprise. If you do, however, you’ll probably pay instead in costs for:

  • Manual effort (months) to determine which system components should change when requirements change.

  • Failed implementations because your project's requirements changed, and you didn’t communicate the changes to all parties.

  • Lost productivity by replacing system components with flawed new versions, without the ability to quickly revert to a working state.

  • Unexpected outages from incorrectly modifying system components, because you couldn't accurately determine which components were impacted by a change.

Configuration management is included as a key systems engineering practice because it works! It keeps you from incurring costs preventatively and helps IT stop fire fighting. Moreover, good systems engineers have learned, through practical experience, that it pays for itself many times over.

The lesson to learn is simple: Don’t pay the price later! Use configuration management to focus on fire prevention, not fire fighting.

3. A Real-World Example of Configuration Management

The issue

A software “glitch” prevented the New York Stock Exchange (NYSE) from processing stock trades for almost 90 minutes.

The impact

The financial markets felt the impact even beyond the NYSE trading floor. Since investors couldn’t calculate market indexes without NYSE data, trading also stopped at the American Stock Exchange and some futures and options markets. Trading also slowed on the NASDAQ Stock Market, due to investor reluctance to do business without information on NYSE trading.

The cause

A new software installation caused the problem. The NYSE had installed the software on 8 of its 20 trading terminals, and the system was tested the night before go-live. However, on the morning of June 8th, a total of 8 installations failed to operate correctly. The NYSE tried to switch back to its old software, but was unable to do so before the opening of the trading session.

Lessons learned

Although you might see this as a failure of the NYSE’s configuration management process, in reality, it was a success. Although the problem didn’t arise until right before the opening of trading, the NYSE had robust configuration management processes and tools, which identified and recovered from the problem quickly. Other than some red faces at the NYSE, the damage was minimized. Had the outage continued for longer than 90 minutes, the repercussions would have been much more severe.

4. How Much Does Configuration Management Cost

Unfortunately, configuration management doesn’t come free. Firstly, you will need a configuration management system. The configuration management systems marketplace changes frequently, and there are many different solutions out there, ranging from open source projects to commercial off the shelf technology sold by the likes of Microsoft and IBM. Typically the costs for these configuration management tools are by 'node’ with varying price points depending on the type of node (servers, databases, network devices, mobile devices, storage, virtual instances, et al.). Open source systems have come a long way, so despite paying for a vendor's logo and sales team, it is not always value for money to go with a big vendor.

The second cost of configuration management is people, including staff (often contractors, if your internal capability is immature) with the skills to set up configuration management processes and tools. You will also need to factor in training of your existing staff to integrate ongoing configuration management processes into your business.

5. What is the ROI for Using Configuration Management?

Some of the financial benefits contributing to positive ROI results found in leveraging configuration management include:

  • IT staff productivity increase. Optimization of IT staff activities through automation reduced IT staff time spent "keeping the lights on", freeing up valuable staff resources for business-related initiatives.

  • User productivity increase. Reduction of downtime caused by system outages, cyber attacks, security intrusions, and change and configuration activities.

  • IT cost reduction. Optimization of IT operations reduces costs in multiple areas, including infrastructure, outsourced services and management software.

  • Continuous delivery of IT services. Ensuring that the software can be reliably released at any time.

There are plenty of ROI calculations that you can apply for your business. The metric is cost avoidance in areas such as:

  • The number of devices/nodes monitored by a configuration management system.
  • The effort (try $35/hour conservatively) it takes a system/network engineer to handle configuration management processes manually.
  • When (not if) a system outage occurs with no backup configuration.
  • When you inevitably need to apply a bulk configuration update to many systems, or a new rollout needs to happen.
  • When your business has to comply with a configuration audit request, or pass a technology risk assessment.

The benefits of configuration management flow into all these activities. These activities take time, and time is money.


Thanks for persevering. Hopefully you've been able to answer some of the more significant questions that your business should be asking itself about configuration management, and why you need it. 

Download and read our eBook to learn about one of the critical considerations in a configuration management program, which is handling unplanned, unexpected changes to your systems. UpGuard Core helps you discover, control and monitor all changes to your systems, keeping your business and customers secure.

Get the eBook

Related posts

Learn more about the latest issues in cybersecurity