One of Ben Franklin’s well-known sayings is “An ounce of prevention is worth a pound of cure.” What’s perhaps less well-known is that he was referring to the need for configuration auditing of business IT systems. OK, maybe not; he was very forward-thinking, but that could be a stretch. Nonetheless, the meaning in Franklin’s words applies to modern IT infrastructures surprisingly well.
Configuration auditing encompasses a range of both preventive and proactive measures that can keep your network and applications functioning as intended, and should be an important element in your overall security strategy. If you aren’t already implementing some form of configuration auditing, either because you aren’t sure what it does or you’re unsure of its value, here are 5 top reasons you should be performing configuration auditing for your business IT environment.
1. Change Management
You know your IT environment is never static, so it’s crucial to know what’s going on: what’s being changed, who changed it, when and where it happened. Did someone move a file, which could have cascading dependencies? Has a group’s permissions changed, meaning employees can’t access resources they need – or can access documents they shouldn’t see? Did an Active Directory (AD) record get deleted? You need to know these type of changes have happened as soon as possible.
In addition to detecting these changes, you need to see both the changed value and the original value. If a change leads to a problem, you’ll want to be able to roll back to the previous state – which won’t be easy if you don’t know what the original value was. Ideally, your configuration auditing solution should provide all of this information to you on demand or with alerts for any detected potential problems.
2. Improved Security
Configuration auditing should form an important piece of your overall security strategy. As a result of recording and reporting on all changes to your IT environment, you’ll be better able to manage permissions and detect when those permissions have been applied incorrectly or have changed. It happens: A new user gets put in the wrong security group or someone’s status change gets input with a wrong value. Regular auditing should uncover these errors before they become a security nightmare.
Of course, even when all permissions are correct, data breaches can still occur, either maliciously or accidentally. Therefore, it’s important that you can report on network access to your corporate resources. In addition to showing what current permission levels are for employees, you might need to see state-in-time permissions for a previous date when a breach occurred. Security is everyone’s responsibility, and configuration auditing helps you keep your environment safe.
3. Maintain Compliance
No matter what industry you’re in, you have a moral and ethical responsibility, if not a legal requirement, to keep personal data secure – whether that’s your employees’ contact information or your customers’ information. In many industries, the requirements are regulated by specific rules or legislation (I’m sure you’ve heard all the acronyms, and I hope you know which ones apply to your business already!). Maintaining compliance with these rules and regulations is essential to your business reputation and financial well-being.
Tracking changes in your IT environment and maintaining data integrity are important to demonstrate compliance with standards. In addition to externally imposed regulations, you probably also have corporate policies regarding technology use, developed by your HR department to protect both employees and the company, that your IT department has to implement. Effective configuration management can help ensure all appropriate safeguards are in place and that rules and regulations are being followed.
4. Ability to Troubleshoot Problems
What happens when an application that was working fine yesterday won’t even load today? Did the user’s permissions change, did a required service get stopped, or did a new update somewhere else have an unintended consequence? You’ll need all the data you can get to run down the source of the problem. Configuration auditing provides you the necessary trail to follow.
I’d like to say that configuration auditing will prevent any problems from ever appearing in your IT environment, but we all know that unforeseen incidents are part of the IT life. An effective configuration auditing solution should reduce these incidents, of course, and help you troubleshoot problems that do arise.
5. Configuration Assessment
Sometimes you want to get a holistic view of your environment, see how things are interacting and how everything is running. In other words, is your IT infrastructure performing as expected? As you consider system or application upgrades, it’s particularly important to know where your current environment stands.
You might also want to verify that requested or entered changes have the intended results. That is, did the Group Policy change you entered end up changing the attributes you expected it to – and no others – or were there other changes? Did that complicated PowerShell command actually do something besides return a value of “OK”? Configuration assessment can be an important feature of configuration auditing.
Ounce of Prevention
These are just 5 top reasons you should be using configuration auditing for your business, but certainly there are others. Depending on the systems or applications you have to monitor, you can get deep protection and security across your IT infrastructure – if you choose the right solution. Just remember Ben Franklin’s advice to go for an ounce of prevention and save yourself the nightmare problems that come from being unprepared.