Manage Infrastructure Change

All too often, a change made to a mission-critical server has devastating results on an enterprise. Even major companies experience downtime or data loss because of an ill-timed or poorly planned change. Take, for example, a DNS administrator who decides to clean up DNS, only to later find that critical services failed because they relied on an older server hostname. At another level, new regulations, such as Sarbanes-Oxley (Sox), place a much higher burden on IT to ensure control and the ability to audit changes within the network.

The Solution

Initiate a program to formalize the change management process within your organization.

Where to Start

Begin by identifying which elements within your IT infrastructure can best be served by change management. While it may be nice to say "everything," in reality, organizations generally restrict change management to critical infrastructure pieces, such as servers and network devices.

Next, create a process document that identifies how a change request should flow through your organization. For example, if a change is made to a critical healthcare application in a hospital, should the change be approved by the application's management committee? And how should this workflow be enforced?

To help automate change management, look for two types of applications: workflow and systems management.

The first, workflow, manages the approval, review and reporting process involved in change management. Workflow software can come in many forms, but most often it has the feel of a help desk ticketing system but with additional features. For example, Change Management Control from SLAM offers workflow for change management and provides for a good deal of control over the process. Even open-source products are capable of use within change management, including the RT help desk package.

The second, systems management, is software that can actually implement the change on a target system for you. These types of systems are available in both the Windows and Unix worlds. In Windows, a good example is Microsoft Systems Management Server (SMS), which allows you to implement changes for critical Windows-based operating systems and applications. However, SMS is limited in the scope of applications supported. For Linux and Unix, configuration engines such as cfengine provide a very powerful policy-driven mechanism for implementing change and also for ensuring that systems do not diverge from their expected state.