The Cranky Admin
The Marks of a Successful Enterprise IT Team
It requires a proper needs assessment at its base.
The government of Canada has had some spectacular IT disasters of late. The most famous was the botched payroll rollout that left 80,000 government employees without pay; a problem that has dragged on for over nine months. The government's response is a public declaration they will implement enterprise IT concepts. Should other Canadian businesses be considering the same thing?
The entire discussion is shot through with bias and misinformation right from the start. The term "enterprise IT" means completely different things to different people. The most prominent IT practitioners endlessly debate exactly what qualifies as enterprise IT. Vendors will tell you that whatever it is they sell at their top price point is "enterprise."
There are entire philosophies about how to merge business management approaches with IT, application development, manufacturing and other business domains. Information Technology Infrastructure Library (ITIL), agile, DevOps and more are frequently bandied about here. Business owners and shareholders, on the other hand, just want to know how to get the perceived benefits of better security and lower costs that enterprises are presumed to enjoy.
There is one -- and only one -- secret that successful IT teams have learned which escapes their less experienced brethren: the absolute doctrine of needs assessment.
The most dangerous possible concept for any organization is management by trade magazine. Marketing buzzwords are easy to regurgitate, and when a charismatic speaker gets on stage at a conference to tell you they've transformed their business by using the latest trend in IT, it's very tempting to believe the same will apply to you.
The truth is that IT is not -- nor will it ever be -- a one-size-fits-all solution. Public cloud may be the answer for one business, with a particular mix of people, a given risk appetite and a specific amount of capital. Their competitor two blocks over, however, may be owned and operated by a completely different group of people with different circumstances; to them, owning physical assets they can sweat through the bust times is critical.
Successful IT teams, which includes many enterprise IT teams, understand this. This is why you almost never find an enterprise with a homogenous IT apparatus. Many will be running legacy applications written 40 years ago on mainframes right next to their hyper-converged, hybrid cloud solutions.
What's also worth bearing in mind are the number of catastrophic data breaches that enterprise and large government IT teams around the world, from Sony to Yahoo to the Office of Personnel Management of the United States, have suffered.
Successful IT is IT that fits the needs of the organization. And unlike what a lot of vendors will tell you, in IT you don't get what you pay for. Properly-implemented, low-cost IT accurately matched to the needs of an organization is far better than expensive IT that doesn't do what's needed.
The one place enterprises do better than anyone else is security. Yes, enterprises are breached all the time, but they are also successfully warding off billions
of attacks every year. Enterprise IT teams realized long ago that the eggshell security model was dead.
Eggshell security is based on the idea that threats are going to come from "hackers" attacking from outside the organization. Security investments then focus on creating a strong perimeter. You'll know people are talking about perimeter security when they are talking about firewalls, a DMZ, intrusion detection and proxies.
We've known since the 1990s that eggshell security is hopelessly inadequate. Despite this, the majority of businesses -- and even government organizations -- still rely on this security model. During the 1990s, as Internet access became more widespread, enterprises started to move toward layered security: a series of perimeters isolating different segments of their networks from one another. It was a good start, but it wasn't enough.
Automate Incident Response
Virtually everything -- sometimes including our lightbulbs -- has Internet access in today's businesses. We use cloud computing, placing critical applications outside our organizations. This means we need to refocus on a concept known as perimeterless IT: each and every system and application needs to be individually defended.
Another security concept adopted by successful enterprises but rejected by everyone else is the truth that no network is impenetrable. All of our networks -- personal, corporate and governmental -- will eventually be compromised. While attempting to keep out invaders is important, detection of compromise is arguably more important, as it ideally not only detects external compromises, but compromises from internal threats as well.
Detecting compromise is only useful if plans exist to deal with compromise. This is known as incident response. Where formal incident response plans exist, they can be automated. The future of security for successful organizations, then, rests in a concept called automated incident response: try your best to keep out the bad guys, but make absolutely sure that if you fail you can detect that something wrong has occurred and have computers automatically trigger a lock-down when the bad guys win one.
No one product will make you successful or secure. Buying what the other guy buys isn't going to make you a winner. To succeed at IT -- to think like a successful enterprise IT team -- you need to do the hard work of finding out what your needs and limitations are and then finding the right solutions to fill the gaps.
Trevor Pott is a full-time nerd from Edmonton, Alberta, Canada. He splits his time between systems administration, technology writing, and consulting. As a consultant he helps Silicon Valley startups better understand systems administrators and how to sell to them.