Configuration Management

Knowing about physical assets is important to many organisations as a theft preventative measure, and financial auditors need to verify that assets in the company's accounts exist. IT asset configuration management is different.

The Infrastructure Manager should ensure that apart from their identities (names) these servers, their firewalls and load balancers are set up the same. If a new server environment is created, unless deliberately different, it too should match the same configuration.

Auto-QA and auto-documentation are the friends of a deployment manager.

An unchallenged "Keys of the Kingdom" technical specialist is one of the biggest risks to IT operations, particularly where the person is adept at hiding their mistakes.

In a recent engagement, a new server had been built at a new location for a specific service. A json file with Arabic characters could not be saved through a web browser-based application: the form's submit event went into an infinite 403 (forbidden) loop. The initial focus of the investigation was on some oddment with the Arabic character set. Eventually it was determined that the firewall had not been configured to allow json files through. This is typical of an IT department with a low maturity index, combined with an "I know what I'm doing: I don't need any bureaucratic documentation" attitude not being challenged.

There was no work protocol for the new build, no request for change document (so no change approval), no auto-QA, no manual QA and apparently zero documentation of the characteristics of the existing infrastructure.

Everything best practices recommends was missing: a master class on how not to do IT.

For more information on how we can help you with improving IT asset configuration management, and reducing transition risks, please write to