Updated on June 29, 2018 by UpGuard
As an IT manager or engineer, you can sometimes get so thick in the details that it can be challenging to step back and answer the fundamental questions. Sure, you wrote the scripts that automate your systems. You also train users to understand the tools that implement configuration management. However, you also struggle to answer why your business should have configuration management teams, automation and tools. Don't worry, if this has ever happened to you, remember that you’re not alone.
Technology probably powers your business. How? If you sell SaaS (software-as-a-service), technology is the product. Even if you don't sell software, all companies today use technology systems to automate their processes. The configuration of your systems is critical to your success. Configuration makes your systems work. The servers, networks, operating systems, config files and all the other building blocks. Open the 'Settings' menu in any software, and you're looking at configuration. You need to manage it carefully, or your business will suffer from system outages and security breaches.
Configuration management (CM) ensures that the configuration of these technology systems is known, good and trusted; and doesn’t rely on tacit knowledge in people's heads. It is sometimes referred to as IT automation. Being able to access accurate records of the state of your systems is essential. Not only for project management and audit purposes, but for software development activities such as debugging (for example, knowing what has changed between one set of tests and the next to help identify what could be causing a fault).
By adopting configuration management, you will benefit from:
Reduced risk of outages and security breaches through visibility and tracking of the changes to your systems.
Cost reduction by having detailed knowledge of all the elements of your configuration, avoiding wasteful duplication of your technology assets.
Improved experience for your customers and internal staff by rapidly detecting and correcting improper configurations that could negatively impact performance.
Strict control of your processes by defining and enforcing formal policies and procedures that govern asset identification, status monitoring, and auditing.
Greater agility and faster problem resolution, enabling you to provide a higher quality of service.
Efficient change management by knowing your baseline configuration, and having the visibility to design changes that avoid problems.
Another way to answer this question is to consider where configuration management gets applied to the service lifecycle in enterprise IT. With DevOps taking the world by storm, it is important to articulate that configuration state is critical during the entire execution phase and even more vital as handoffs occur throughout each stage. As you can see from the diagram below, it is a critical component throughout the plan, build, run and govern processes and handoffs that occur daily within an typical IT enterprise - whether you’re ‘doing DevOps’ or not.
There’s a commercial that you may have seen. An auto mechanic talks about a costly engine repair that could have been avoided if the car’s owner had replaced his oil filter. The mechanic says:
“You can pay me now, or you can pay me later.”
The quote is just as valid concerning configuration management.
You can avoid the costs associated with configuration management by not bothering to employ it in your enterprise. If you do, however, you’ll probably pay instead in costs for:
Manual effort (months) to determine which system components should change when requirements change.
Failed implementations because your project's requirements changed, and you didn’t communicate the changes to all parties.
Lost productivity by replacing system components with flawed new versions, without the ability to quickly revert to a working state.
Unexpected outages from incorrectly modifying system components, because you couldn't accurately determine which components were impacted by a change.
Configuration management is included as a key systems engineering practice because it works! It keeps you from incurring costs preventatively and helps IT stop fire fighting. Moreover, good systems engineers have learned, through practical experience, that it pays for itself many times over.
The lesson to learn is simple: Don’t pay the price later! Use configuration management to focus on fire prevention, not fire fighting.
A software “glitch” prevented the New York Stock Exchange (NYSE) from processing stock trades for almost 90 minutes.
The financial markets felt the impact even beyond the NYSE trading floor. Since investors couldn’t calculate market indexes without NYSE data, trading also stopped at the American Stock Exchange and some futures and options markets. Trading also slowed on the NASDAQ Stock Market, due to investor reluctance to do business without information on NYSE trading.
A new software installation caused the problem. The NYSE had installed the software on 8 of its 20 trading terminals, and the system was tested the night before go-live. However, on the morning of June 8th, a total of 8 installations failed to operate correctly. The NYSE tried to switch back to its old software, but was unable to do so before the opening of the trading session.
Although you might see this as a failure of the NYSE’s configuration management process, in reality, it was a success. Although the problem didn’t arise until right before the opening of trading, the NYSE had robust configuration management processes and tools, which identified and recovered from the problem quickly. Other than some red faces at the NYSE, the damage was minimized. Had the outage continued for longer than 90 minutes, the repercussions would have been much more severe.
Unfortunately, configuration management doesn’t come free. Firstly, you will need a configuration management system. The configuration management systems marketplace changes frequently, and there are many different solutions out there, ranging from open source projects to commercial off the shelf technology sold by the likes of Microsoft and IBM. Typically the costs for these configuration management tools are by 'node’ with varying price points depending on the type of node (servers, databases, network devices, mobile devices, storage, virtual instances, et al.). Open source systems have come a long way, so despite paying for a vendor's logo and sales team, it is not always value for money to go with a big vendor.
The second cost of configuration management is people, including staff (often contractors, if your internal capability is immature) with the skills to set up configuration management processes and tools. You will also need to factor in training of your existing staff to integrate ongoing configuration management processes into your business.
Some of the financial benefits contributing to positive ROI results found in leveraging configuration management include:
IT staff productivity increase. Optimization of IT staff activities through automation reduced IT staff time spent "keeping the lights on", freeing up valuable staff resources for business-related initiatives.
User productivity increase. Reduction of downtime caused by system outages, cyber attacks, security intrusions, and change and configuration activities.
IT cost reduction. Optimization of IT operations reduces costs in multiple areas, including infrastructure, outsourced services and management software.
There are plenty of ROI calculations that you can apply for your business. The metric is cost avoidance in areas such as:
The benefits of configuration management flow into all these activities. These activities take time, and time is money.
Thanks for persevering. Hopefully you've been able to answer some of the more significant questions that your business should be asking itself about configuration management, and why you need it.
Download and read our eBook to learn about one of the critical considerations in a configuration management program, which is handling unplanned, unexpected changes to your systems. UpGuard Core helps you discover, control and monitor all changes to your systems, keeping your business and customers secure.
Misconfigurations are an internal problem that emanate from within the IT infrastructure of any enterprise; no hacker is necessary for massive damage to occur to digital systems and stored data. And the problem is pervasive, with Gartner estimating anywhere from 70% to 99% of data breaches result not from external, concerted attacks, but from internal misconfiguration of the affected IT systems.