Chris LaPoint, vice president of product management at SolarWinds, gets the essence of what runs through IT practitioners’ heads when they need to fix a problem on their network: It was working yesterday. It’s not working today. What the heck changed?
When dealing with federal agencies, there is often a lot to unpack with that line of thinking. Thin staffing, limited budgets and lack of full network knowledge can often cause a boatload of related headaches. LaPoint said it doesn’t have to be this way, and he recently offered FedScoop some advice government IT professionals can use when avoiding network downtime in the future.
A Gartner study earlier this year measured that by 2015, 80 percent of outages impacting “mission-critical services” will be caused by internal people and processes, with more than 50 percent of those caused internal factors: change, configuration or release integration, and hand-off issues.
Since agencies are often dealing with large networks, LaPoint said it’s crucial for IT professionals to keep damage mitigation systems as simple as possible, breaking down massive changes into manageable chunks for a team to execute.
“It order to detect what changed, I think you have to have a solid backup strategy with a lot of space left in configuration,” LaPoint told FedScoop. “This is not rocket science. But I think what you find within federal government agencies is there are a lot of times where there isn’t a full picture of what their environment looks like.”
To bridge this disconnect, LaPoint said it’s vital that IT operations staff and information security staff communicate as much as possible to take advantage of practices that may already be in use.
“If you look at information security and the importance of automation, IT ops has been doing that sort of work for a long time,” LaPoint said. “They’ve been gathering the same data that info security guys would love to use, but the info security guys end up building their own tools or surviving by asking IT ops on a periodic basis for that data.”
LaPoint said this sort of thinking is creeping into federal agencies but hasn’t completely set in. He points to a recent survey SolarWinds conducted that found IT professionals considered automation and information security two separate focus areas.
“There needs to be some convergence of those two,” LaPoint said. “I think there is an evolution of thinking that needs to happen from the traditional way of looking at information security as a periodic event to continuous monitoring. There are definitely a lot of agencies thinking about this, but there are a lot that aren’t. They are looking at it a separate thing versus looking at how IT ops and information security can really come together to move faster.”
LaPoint understands that introducing new ways of thinking is immensely tough, given all that agency professionals must cope with. However, as technology changes and risks to network downtime grow inside and outside of systems, it’s integral that agencies consider an evolution in their methods.
“It’s no longer a world where you can be a network engineer and just only care about network engineering,” LaPoint said. “You’ve got to understand to blended problem that is IT today.”