Get Pricing For SunView Solutions

Review platform features & packaging to decide what best meets your needs.

IT Service Management

ChangeGear is an industry-leading ITSM platform that helps organizations to better track, manage, and deliver critical services.
Get Pricing

IT Operations Management

LivePulse offers out-of-the-box system and application monitoring essentials in the cloud.

Get Pricing

Passwords, Security, Change Management, and a Giant Egg on a Wall

01/31/2012 by: The SunView Team

Unfortunately, many of life's lessons tend to come from the most unexpected places. You have to read between the lines, figure out hidden meaning, and then speculate as to the helpful tidbits you can take with you. Then, there are times like this one, when the lesson is crystal clear, and builds on something most of us have heard since childhood.

As the old nursery rhyme goes, there was a rather fragile individual that found himself perched, quite high and precariously, on a wall. As luck would have it, he fell. To which extent no one could assemble the wreckage that now was Humpty Dumpty.

While we could pull an endless amount of insight out of this near 200 year-old story and tie it back to IT, there are a couple key points that relate directly to some very common themes that have come up recently (again) - namely security and resources.
 
As you may have heard, Online Shoe Retailer Zappos (Read Amazon) was the victim of a hack that, along with other information, got user names and encrypted passwords. Of course we'd also throw in the ancillary value of credit cards, but user names and passwords are the true gold. That's mainly because passwords have become the Catch22 of the IT world. Everyone needs them, but since we need so many, we make them really easy to remember or just reuse the really hard ones everywhere we need a more robust one. Thus, a hack at one location can typically grant access to a host of other ones.
Thinking back to our metaphor, these bits of recycled information have become a common-day realization of our delicate, egg-shaped friend. Even worse, we've put them on the highest wall in all the land, the Internet. As we all watch from down below, we can see the inevitability of a great fall. Then it happens, and as in our childhood tale, an unlimited amount of resources are thrown at the problem. While not horses and men, these resources tend to be cash damages or enrollment in credit protection for millions of customers - both costly to an organization, but never truly providing resolution.

As IT professionals we need to take pause here for a moment, and think about what we are doing. We need to ask legitimate and serious questions about how and why such fragile information is placed in such precarious places. Not to mention, with such a high likelihood of failure, we should reevaluate exactly who even needs access to certain information. In a sense, once we have determined it is an absolute necessity for Humpty to be up on that wall, we need to make sure we've taken steps for prevention, as well as reaction.

Inevitably, we must learn that simply throwing resources at something after the fact doesn't tend to fix anything. Education can play a much larger role, as many people still don't understand the exposure and importance of protecting (and not reusing) passwords - even in organizations that specialize in just that. Think of it as making sure that all the kings men, and maybe even the horses, were trained to spot Humpty up on the wall, talk him down if necessary, but more importantly be prepared for when he does fall.

Finally, we can't dismiss the value of having the right tools to both prevent issues, and react to them (sometimes simultaneously). The best place to start is with consistent and constant monitoring of changes. If this area of ITSM is a bit new to you, check out our video covering an introduction to Change Management. Filmed in partnership with the experts at Pink Elephant, you will get an introduction to ITIL, and see the demonstrable value behind adding Change Management to your IT organization, in just a little over 20 minutes.

Image: Flickr | AussieGall

|