Increasingly, IT departments are regarded as service providers to end users. Thus, IT departments must manage their hardware and software assets with the objective of providing efficient customer service to all constituents. Service provision requires that IT identify specific sets of services (such as in a service catalog), identify the assets required to deliver the services, authorize users to access the services, and establish processes and best practices for service delivery on an ongoing basis.
The need for effective processes for service delivery has resulted in the increasing adoption of best practices based on IT Infrastructure Library (ITIL), ISO 20000, Six Sigma, and other process standards and frameworks. Indeed, these best practices are being adopted worldwide by IT departments that wish to improve customer service to both internal and external customers. These standards help streamline and standardize internal IT processes, resulting in higher IT efficiency and improved service delivery to end users. One of the most critical areas that need strong operational processes is managing changes to the IT infrastructure. This includes processes for management of authorized and planned changes as well as facilities for detecting and preventing unauthorized changes.
What is needed is a streamlined, integrated approach to managing change that incorporates hardware and software asset discovery, discovers relationships between assets, and ensures that approved hardware and software asset configurations are maintained intact and are not corrupted by accidental or unauthorized changes. This is a key foundation for meeting a variety of regulatory compliance requirements. Tripwire has developed solutions that address this need, and when integrated with other solutions for discovery, these offerings can provide the necessary configuration and change management for multiple types of IT environments. IDC recommends that IT managers consider Tripwire solutions to support these functions.
IN THIS WHITE PAPER
This IDC White Paper discusses key issues surrounding configuration management and compliance. These issues center on the IT department’s need to lower costs, increase management flexibility and control, and increase responsiveness to business needs and requirements. Managing change and satisfying compliance requirements are critical parts of the IT department’s service delivery mission. Accidental or unplanned changes to the IT configuration, or configuration settings that "drift away" from standards, can have drastic consequences in terms of service disruption for the business as a whole. IT organizations need software solutions that can address the need to effectively manage and control changes to configuration settings.
SITUATION OVERVIEW
Change is intrinsic to any business. Technology innovation, evolving customer preferences and requirements, disruptions in the supply chain, and regulatory developments are market forces that demand that businesses adapt quickly to these shifts and be able to innovate. IDC’s January 2007 QuickLook Survey of senior business and IT executives underscores this business sentiment. The results show that the top 5 business initiatives leading the CEO’s agenda are (in order of highest to lowest frequency rates):
! Customer care and service enhancement
! Product (or service) innovation/development
! Sales productivity/performance improvement
! Regulatory compliance
! Business performance monitoring
IT organizations must have the ability to effectively manage their IT assets and changes to the IT infrastructure to enable the business to respond to market developments in a timely fashion. For compliance and risk management purposes, IT should be able to support these responses in a consistent and auditable fashion, and with minimal risk of business disruption. The survey data suggests that senior IT executives are aware of these needs. Among senior IT executives, the top 3 priorities are product (or service) innovation/development, regulatory compliance, and IT organization responsiveness and efficiency improvement.
From an IT standpoint, the overarching theme among these CEO priorities is obvious. Businesses want to have a flexible and resilient IT infrastructure that would allow them to quickly adapt to and take advantage of developments in their business landscape. Senior business and IT executives also increasingly recognize that these business priorities do not exist in a vacuum and converge with critical functional areas within the enterprise. IT organizations today recognize that the ability to manage IT assets and the configuration and change processes is central to enabling operational effectiveness.
