Tackling infrastructure sprawl

clock • 3 min read
Tackling infrastructure sprawl
Image:

Tackling infrastructure sprawl

Park Place Technologies CISO John Parlee on the risks of allowing infrastructure to grow uncontrollably, and what to do about it

A perennial problem for IT leaders, infrastructure sprawl has been exacerbated by the ease of spinning up infrastructure in the cloud. Computing spoke to John Parlee, Chief Information Security Officer (CISO) at Park Place Technologies, about the best ways to tackle infrastructure sprawl.

What is infrastructure sprawl and why is it a problem for IT departments?

Infrastructure sprawl is the presence of under-utilised systems and services that consume resources but are not providing the benefit that they should. This is a challenge because those resources have an associated cost, which includes the amount of time, effort, and spend is takes to operate, maintain and licence those resources. This creates additional overhead for IT teams that need to plan out maintenance cycles, troubleshoot software updates, respond to end-user tickets, and have a level of expertise for each system that they maintain.

Security teams need to understand what the systems do, what data they process, and what accounts are present to be able to detect and respond to anomalous activity. As the problem continues, it is usually compounded by lack of human resources, and with organisational turnover, there becomes a lack of knowledge required to operate and maintain the system. More problems arise when inadequate maintenance results in significantly more difficult application, software dependency or operating system updates, which, if deferred, could result in lingering system vulnerabilities. Ultimately, the existence of these inefficiencies becomes costly.   

What has created the issue?

There are many reasons that infrastructure sprawl exists, including challenges with lifecycle management, acquisitions that require system and process consolidation, and a mentality to move fast or provide self-service. System consolidation takes time and effort and might be set aside to focus on more critical business issues. A lack of governance which includes defined process, procedure, and audit contributes to the problem.

Is it likely to get better or worse over the next two years?

The issue is getting worse and has become a challenge with virtual machines and cloud infrastructure, as well. Transition to cloud infrastructure can result in shifting the problem to the cloud.  

Know what is on your network and maintain an accurate inventory of all enterprise assets and software - John Parlee, Park Place Technologies

Without proper governance, resources can be created without oversight, and with limited restrictions. With cloud infrastructure, a click of a button can authorise the creation of multiple resources supporting a single service, application, or system. Removing a component, doesn't necessarily decommission all of the components.    

What should IT leaders be doing to alleviate the problem?

Know what is on your network and maintain an accurate inventory of all enterprise assets and software. Find a solution or a trusted partner that can help identify resources, define ownership, understand workloads and their cost, and create a lifecycle plan.

Use of a discovery tool, such as ParkView Discovery, on an ongoing basis will provide visibility, identify changes, and confirm accuracy over time. Once visibility is achieved, develop a plan to address existing infrastructure sprawl.

Consider the nature of the problem and identify some potential solutions. Evaluate and select options that support the use case, such as hyperconverged technology, edge computing solutions, virtualisation or cloud workloads.

During an acquisition, use of a discovery tool will provide an initial inventory, and the progress of the merger and disposition of the assets over time can be tracked and validated.  IT governance, through distinct roles and responsibilities in conjunction with good network architecture, can implement the required checks and balances necessary to control future sprawl.

Develop an intake process that requires workload analysis, and proper scoping of resources. Ensure that data points including cost and utilisation are periodically reviewed to minimise sprawl.

You may also like
Government announces independent institute to support semiconductor strategy

Chips and Components

New body will act as a 'voice' for the UK semiconducter industry

clock 21 May 2024 • 2 min read
AWS signs nuclear datacentre deal

Datacentre

All part of the plan to feed AI's power demands

clock 06 March 2024 • 2 min read
Southern Water confirms customer data breach

Hacking

Stems from Black Basta attack last month

clock 14 February 2024 • 2 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Cloud and Infrastructure

UK cloud market consolidating around two major players, CMA says

UK cloud market consolidating around two major players, CMA says

AWS remains the market leader but Microsoft steals the show with growth and new customers

clock 29 May 2024 • 2 min read
Cloud adoption in 2024: Navigating AI, edge computing and the road beyond

Cloud adoption in 2024: Navigating AI, edge computing and the road beyond

CIOs are pursuing best-fit cloud solutions that avoid vendor lock-in

Eric Helmer
clock 09 April 2024 • 3 min read
WebAssembly heralds 'third wave of cloud computing'

WebAssembly heralds 'third wave of cloud computing'

Wasm: 'Speed and agility is the name of the game'

John Leonard
clock 26 March 2024 • 3 min read