Tackling infrastructure sprawl

clock • 3 min read
Tackling infrastructure sprawl
Image:

Tackling infrastructure sprawl

Park Place Technologies CISO John Parlee on the risks of allowing infrastructure to grow uncontrollably, and what to do about it

A perennial problem for IT leaders, infrastructure sprawl has been exacerbated by the ease of spinning up infrastructure in the cloud. Computing spoke to John Parlee, Chief Information Security Officer (CISO) at Park Place Technologies, about the best ways to tackle infrastructure sprawl.

What is infrastructure sprawl and why is it a problem for IT departments?

Infrastructure sprawl is the presence of under-utilised systems and services that consume resources but are not providing the benefit that they should. This is a challenge because those resources have an associated cost, which includes the amount of time, effort, and spend is takes to operate, maintain and licence those resources. This creates additional overhead for IT teams that need to plan out maintenance cycles, troubleshoot software updates, respond to end-user tickets, and have a level of expertise for each system that they maintain.

Security teams need to understand what the systems do, what data they process, and what accounts are present to be able to detect and respond to anomalous activity. As the problem continues, it is usually compounded by lack of human resources, and with organisational turnover, there becomes a lack of knowledge required to operate and maintain the system. More problems arise when inadequate maintenance results in significantly more difficult application, software dependency or operating system updates, which, if deferred, could result in lingering system vulnerabilities. Ultimately, the existence of these inefficiencies becomes costly.   

What has created the issue?

There are many reasons that infrastructure sprawl exists, including challenges with lifecycle management, acquisitions that require system and process consolidation, and a mentality to move fast or provide self-service. System consolidation takes time and effort and might be set aside to focus on more critical business issues. A lack of governance which includes defined process, procedure, and audit contributes to the problem.

Is it likely to get better or worse over the next two years?

The issue is getting worse and has become a challenge with virtual machines and cloud infrastructure, as well. Transition to cloud infrastructure can result in shifting the problem to the cloud.  

Know what is on your network and maintain an accurate inventory of all enterprise assets and software - John Parlee, Park Place Technologies

Without proper governance, resources can be created without oversight, and with limited restrictions. With cloud infrastructure, a click of a button can authorise the creation of multiple resources supporting a single service, application, or system. Removing a component, doesn't necessarily decommission all of the components.    

What should IT leaders be doing to alleviate the problem?

Know what is on your network and maintain an accurate inventory of all enterprise assets and software. Find a solution or a trusted partner that can help identify resources, define ownership, understand workloads and their cost, and create a lifecycle plan.

Use of a discovery tool, such as ParkView Discovery, on an ongoing basis will provide visibility, identify changes, and confirm accuracy over time. Once visibility is achieved, develop a plan to address existing infrastructure sprawl.

Consider the nature of the problem and identify some potential solutions. Evaluate and select options that support the use case, such as hyperconverged technology, edge computing solutions, virtualisation or cloud workloads.

During an acquisition, use of a discovery tool will provide an initial inventory, and the progress of the merger and disposition of the assets over time can be tracked and validated.  IT governance, through distinct roles and responsibilities in conjunction with good network architecture, can implement the required checks and balances necessary to control future sprawl.

Develop an intake process that requires workload analysis, and proper scoping of resources. Ensure that data points including cost and utilisation are periodically reviewed to minimise sprawl.

You may also like
AWS signs nuclear datacentre deal

Datacentre

All part of the plan to feed AI's power demands

clock 06 March 2024 • 2 min read
Southern Water confirms customer data breach

Hacking

Stems from Black Basta attack last month

clock 14 February 2024 • 2 min read
Wired for adventure: An interview with Scouting CDO Lara Burns

Leadership

'We’re about skills for life'

clock 08 February 2024 • 6 min read
Most read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Cloud and Infrastructure

'A lot of confusion': Unpicking SAP's recent changes

'A lot of confusion': Unpicking SAP's recent changes

SAP and Lemongrass talk S/4HANA migration deadlines, RISE and AI

John Leonard
clock 27 February 2024 • 6 min read
Datacentre demand 'a self-fulfilling cycle': National Grid CIO Sarah Milton-Hunt

Datacentre demand 'a self-fulfilling cycle': National Grid CIO Sarah Milton-Hunt

Build better

Tom Allen
clock 21 February 2024 • 2 min read
Vinted's stylish security: Navigating fashion-tech fusion

Vinted's stylish security: Navigating fashion-tech fusion

Turning to open source to address containers and microservices

Tom Allen
clock 07 December 2023 • 4 min read