Mark Gaydos, Chief Marketing Officer, Nlyte Software, discusses the CMDB danger signs of which organisations need to be aware.
An accurate configuration management database, or CMDB, is the foundation for functions that contribute to critical business performance. Areas such as service management, operations management, asset management, cybersecurity, cloud operations and organisational compliance with regulations all fall under this umbrella, and all of these functions rely on accurate information residing in the CMDB.
It’s a vital tool for keeping the organisation’s technology assets in order but it would be unwise to rely on it without a few safeguards in place. The CMDB is made up of many types of configuration items (CIs). These must be kept accurate, else the organisation risks a lot of pain for a lot of employees’ roles as they struggle to make sense and react in a timely manner to the needs of the business.
At the very least, many business functions will be slowed down and the pace of innovation and simple daily operation will be severely curtailed.
When the CMDB is not accurate, managers can’t lock down systems securely, can’t see service levels of business performance; it becomes more than a little challenging to maintain asset registers and maintain assets healthily, securely and compliantly.
What does this all mean for the business, for customer service, for revenue? It means that nothing will be fine-tuned, as the technology layer that underlies essential business services creaks and struggles to catch up to a business that wants to be moving more fluidly at the pace of its customers, the market and competitors.
Perils of the inaccurate CMDB
Top of the list is if the organisation relies on manual updates done by human beings. It’s a general life law but anything done manually won’t be as accurate, timely or extensive as that from a well-configured, automated process.
Bear in mind what the IT team might be dealing with for a medium-sized organisation or above: technology updates, patches, many network devices, IoT devices, perhaps BYOD – there’s a potential myriad of information to absorb and include around the hardware, firmware and software that manual entry simply can’t keep up with for the average business.
Often related, the issue of simply not seeing all the issues that may affect technology performance. With devices and changes coming from all angles, it’s a very common challenge to the IT ‘Nights Watch’ that keeps the metaphorical white walkers away from the castle keep.
In fact, to see across all devices, colocation, cloud services and the data centre, it’s easy to get a feel for how many assets in the stack affecting the CMDB. If the view of these assets is not ‘wide’ then the business can’t see all of them, and therefore risks non-compliance, ill technology health and under-licensing.
Where a CMDB might lack sufficient data on each asset the view is not ‘deep’. In that case the business can’t really see the detail on each asset and the same risks as before apply, but magnified in the event that the data that is digested may prove to offer a false sense of security against misunderstood and unseen risks.
A serious issue for those in control of either charging for services consumed, or ensuring that internal customers can understand the health of the services they use and offer out to external customers, is where the CMDB doesn’t help with understanding usage.
If any of these challenges rings true – or if you decide to investigate and find that they are affecting the business, there are ways to turn the situation around.
There’s a list of features that you want to look for within a couple of solution areas. The first being data centre infrastructure management (DCIM), the second being Technology Asset Management (TAM). Overall these are a boon as they help the IT team coordinate between facilities and IT, aid compliance and overall risk reduction, manage the human risk factor and layer on top energy and usage savings.
Key to these are an asset explore function that takes the hard work out of searching for and understanding the status of all technology assets on the network. Then the functionality needed on top includes some form of asset optimiser, for obvious reasons, as well as very useful extras that can build around including energy optimisation and system utilisation monitoring – all of which can coexist within one solution set.
The benefits to seek are: a single source of genuine truth for the whole list of assets, understanding these asset dependencies for software, hardware and the network, monitor for asset changes, integrate business and security systems and (no one’s favourite feature, but none-the-less essential) reporting and auditing made simple through automation. These solve a range of common issues around chain of custody, security and record keeping.
To start this journey, take a good look at what the situation really is, under the surface in the business. Discover if things are really ‘OK’, or if under the surface there are frustrations and ‘could be betters’. The solution could be a couple of acronyms that together combine automation, analysis, workflow and monitoring to increase agility and achieve efficient cost effective management across the entire technology stack. And that sounds like a recipe to make anyone happy.