Configuration management is a practice that helps identify changes to enterprise IT systems over time to ensure that all systems are working properly, meeting performance expectations, and complying with governance and regulatory policies.
As a result— and in light of all the apps, networks, servers, storage tools, edge devices, cloud options, and security patches currently in play— configuration management is an invaluable maintenance tool that’s critical within a modern enterprise IT system.
Simply put, “configuration management is a systems engineering process used to track and control IT resources and services across an enterprise,” says industry expert Stephen Bigelow of TechTarget. By establishing configuration standards for each asset, business/IT leaders can apply these standards to the setup of other servers or workstations in their network, a measure which will alert leaders of any issues that may require updates, reconfiguration, or patches to help promote consistency across the organization.
The Growing Need for Configuration Management
In the last several years, two major developments have created a greater need for configuration management than ever. These include the rise of cyber attacks and changing workspace dynamics.
According to a recent study by the Ponemon Institute, 54% of organizations surveyed claimed to have experienced a cyber attack in the previous 12 months. Another 52% reported an increase in cyber attack activity relative to the prior year. NETSCOUT’s 2020 Threat Intelligence Report findings confirmed these trends noting that hackers now attack worldwide targets 26,000 times a day. (This is equivalent to once every three seconds.) Cybersecurity Ventures predicts this cyber hacking landscape will amount to over US$10 trillion in annual costs by 2025.
The rise in the number and severity of cyber attacks to organizations and their enterprise systems in recent years has been further exacerbated by the shift to more remote work since the pandemic. A recent article in Forbes confirmed that in 2023, over 40% of the workforce either worked exclusively from home or in a hybrid situation involving some days at home and some days from the office. (This is nearly double the level of that activity in 2019, according to the National Institutes of Health).
As a result of this societal shift in the workplace dynamic, IT departments no longer have ready access to or sole control over all of their company’s computers — many of which employees may have set up themselves with software that’s not up to date with current security patches or antivirus protection. A recent report from Malwarebytes revealed that remote workers exposed companies to cyber threats and caused security breaches in 20% of the organizations they surveyed during the pandemic. To make matters worse, CyberTalk found that it takes organizations with remote workers nearly two months longer to identify and address cyber breaches than organizations with in-office workforces.
All of the above realities have contributed to a workplace landscape that requires greater IT maintenance and configuration management practices than ever for standardization and security.
Incorporating Configuration Management (CM)
Companies establish configuration management systems by considering how their software will evolve and be utilized over time. After creating a CM “baseline” of system settings that will enable the detection of changes, they must then institute a process by which they’ll determine whether those changes comply with policy and will be allowed or not based on testing, monitoring, and auditing.
When instituted proactively, organizations can accrue many benefits from the automated tools that run as part of a CM program. For example, configuration management code can
- automatically update software across an enterprise,
- restore system information quickly in the event of a glitch or system crash,
- and formally document all of these developments.
This allows a company’s IT professionals to use their time more productively and to deploy new software and software updates more consistently across their organizations.
In addition, by optimizing IT workflows and potentially helping to prevent an error, crash, or cyber attack, a robust configuration management system can reduce the cost of operating an IT network. As a result, many experts identify configuration management as one of the most important technology trends taking shape in organizations worldwide.
Reduce Your Risk Through Proactive CM
Developed by IEEE Educational Activities in conjunction with the IEEE Computer Society, Configuration Management: Core Concepts for Building Reliable Software is a new course which examines the current version of the IEEE Configuration Management Standard. (This standard, IEEE 828-2012, establishes the minimum requirements for processes for configuration management in systems and software engineering). The course explains what configuration management is and details the traditional CM processes of configuration identification, status accounting, change control, and configuration audit. It also explains the essential CM processes currently used in many organizations to establish and protect the integrity of a product or product component throughout its lifespan.
This course is ideal for managers, practicing IT professionals, academics, undergraduates, and electrical engineers. It is part of the Software & Hardware Configuration Management in Systems Engineering eLearning program, which also includes four other courses:
- Configuration Management: Optimizing Software Development Lifecycles
- Configuration Management: Supporting Agile Methodology Development
- Configuration Management: Emerging Practices and Applications
- Configuration Management: Organizational Assessment and Improvement
Resources
Law, Marcus. (20 December 2023). Top 10: Technology Trends for 2024. Technology.
(22 June 2023). What is Configuration Management? Red Hat.
(4 March 2021). 7 Best Practices for Configuration Management. Tanium.
Garza, Megan. (2 June 2023). 80 Cybersecurity Statistics and Trends [Updated 2023]. Varonis.
Brooks, Chuck. (5 March 2023). Cybersecurity Trends & Statistics For 2023; What You Need to Know. Forbes.
Haan, Katherine. (12 June 2023). Remote Work Statistics and Trends in 2024. Forbes.
Silver, Hilary. (2 March 2023). Working from Home: Before and After the Pandemic. National Institutes of Health.
(29 September 2023). What is Configuration Management and How Does It Work? Indeed.
BasuMallick, Chiradeep. (18 October 2022). What is Configuration Management? Working, Tools, and Importance. Spiceworks.
Agree totally, existing and adequate CM is necessary for sound security