Tackling infrastructure sprawl

clock • 3 min read
Tackling infrastructure sprawl
Image:

Tackling infrastructure sprawl

Park Place Technologies CISO John Parlee on the risks of allowing infrastructure to grow uncontrollably, and what to do about it

A perennial problem for IT leaders, infrastructure sprawl has been exacerbated by the ease of spinning up infrastructure in the cloud. Computing spoke to John Parlee, Chief Information Security Officer (CISO) at Park Place Technologies, about the best ways to tackle infrastructure sprawl.

What is infrastructure sprawl and why is it a problem for IT departments?

Infrastructure sprawl is the presence of under-utilised systems and services that consume resources but are not providing the benefit that they should. This is a challenge because those resources have an associated cost, which includes the amount of time, effort, and spend is takes to operate, maintain and licence those resources. This creates additional overhead for IT teams that need to plan out maintenance cycles, troubleshoot software updates, respond to end-user tickets, and have a level of expertise for each system that they maintain.

Security teams need to understand what the systems do, what data they process, and what accounts are present to be able to detect and respond to anomalous activity. As the problem continues, it is usually compounded by lack of human resources, and with organisational turnover, there becomes a lack of knowledge required to operate and maintain the system. More problems arise when inadequate maintenance results in significantly more difficult application, software dependency or operating system updates, which, if deferred, could result in lingering system vulnerabilities. Ultimately, the existence of these inefficiencies becomes costly.   

What has created the issue?

There are many reasons that infrastructure sprawl exists, including challenges with lifecycle management, acquisitions that require system and process consolidation, and a mentality to move fast or provide self-service. System consolidation takes time and effort and might be set aside to focus on more critical business issues. A lack of governance which includes defined process, procedure, and audit contributes to the problem.

Is it likely to get better or worse over the next two years?

The issue is getting worse and has become a challenge with virtual machines and cloud infrastructure, as well. Transition to cloud infrastructure can result in shifting the problem to the cloud.  

Know what is on your network and maintain an accurate inventory of all enterprise assets and software - John Parlee, Park Place Technologies

Without proper governance, resources can be created without oversight, and with limited restrictions. With cloud infrastructure, a click of a button can authorise the creation of multiple resources supporting a single service, application, or system. Removing a component, doesn't necessarily decommission all of the components.    

What should IT leaders be doing to alleviate the problem?

Know what is on your network and maintain an accurate inventory of all enterprise assets and software. Find a solution or a trusted partner that can help identify resources, define ownership, understand workloads and their cost, and create a lifecycle plan.

Use of a discovery tool, such as ParkView Discovery, on an ongoing basis will provide visibility, identify changes, and confirm accuracy over time. Once visibility is achieved, develop a plan to address existing infrastructure sprawl.

Consider the nature of the problem and identify some potential solutions. Evaluate and select options that support the use case, such as hyperconverged technology, edge computing solutions, virtualisation or cloud workloads.

During an acquisition, use of a discovery tool will provide an initial inventory, and the progress of the merger and disposition of the assets over time can be tracked and validated.  IT governance, through distinct roles and responsibilities in conjunction with good network architecture, can implement the required checks and balances necessary to control future sprawl.

Develop an intake process that requires workload analysis, and proper scoping of resources. Ensure that data points including cost and utilisation are periodically reviewed to minimise sprawl.

More on Security

Law enforcement has stepped up its game to combat REvil over the past year

FBI seized Bitcoins worth $2.3 million from REvil affiliate

The cash comes from ransomware payouts to mitigate REvil attacks

clock 02 December 2021 • 3 min read
IKEAs email system under attack, report

IKEA's email system under attack, report

Reply-chain attacks allow hackers to send malicious emails from genuine accounts

John Leonard
clock 29 November 2021 • 2 min read
The future of work has changed forever - how should security leaders handle it?

The future of work has changed forever - how should security leaders handle it?

Okta's Craig Hinchliffe looks at the challenges and opportunities facing security teams when it comes to protecting today's dynamic workforce

Tom Allen
clock 18 November 2021 • 1 min read