I am not going to lie to you and say that every environment that I manage or have managed is an optimized Secure, Well-Managed IT Environment. It’s just not true.
In a secure, well-managed IT environment we monitor to make sure that things are working the way they are supposed to. When we spin up a new server, for example, the proper agents are installed for anti-malware and monitoring without our lifting a finger. Tuesday evening a new server is spun up, Wednesday morning it is already letting us know how well it is running.
But what about the other environments? Many smaller environments do not have automated deployment infrastructures that make sure every new server is built to spec. What do we do for those?
The answer is simple… where automation is lacking we have to be more vigilant in our processes. When a new server (virtual or otherwise) is created, we not only install an operating system… we also make sure we add the monitoring agent, the anti-virus agent, and make sure you schedule proper backups because if you don’t it will all ne for naught if everything goes down.
So the answer is to make my environment completely automated, right?
Well, yes of course it is… in an ideal world. In the real world there are plenty of reasons why we wouldn’t automate everything. The cost of such systems might outweigh the benefits, for example… or maybe we do not have an IT Pro managing it, just the office computer guy. Ideally we would get that guy trained and certified in all of the latest and greatest… but if you work in small business you know that might not always be the reality.
So what IS the answer?
Simple. I have a friend who has made a fortune telling people around the world how to make checklists. I am not the guru that Karl is, and you don’t have to be either. But if you do have a manual environment, spend the time to make a checklist for how you build out systems – make one for servers, one for desktops, and probably one for any specific type of server. You don’t have to do it from memory… the next time you build a machine write down (or type!) every step you take. 1) Create virtual machine. 2) Customize virtual machine. 3) Install operating system… and so on. When you are satisfied that your system is built the way you want it (every time) then you should try it again… but rather than using what you know, follow the checklist.
These checklists, I should mention, should not be written in stone. There are ten rules that were so written, and that’s enough. Thou shalt not murder is pretty unambiguous. Thou shalt install Windows 8.1 may change when you decide to upgrade to Windows 10. So make sure that every time you use the checklist you do so with a critical eye, trying to see if there is a way to improve upon the process. The Japanese word for this is Kaizen. They are pretty good at a lot of things from what I have seen
True story: I gave this advice to a colleague once who thought it was great. He started creating checklists, and had his employees and contractors follow them. One day he invited me for a drink and told me a funny story. His client had been using System Center Operations Manager (SCOM) to monitor all of their servers. He had a checklist that included installing the SCOM agent in all servers. One day the client decided to switch from SCOM to SolarWinds (a great product!) and after several weeks he decommissioned his SCOM infrastructure. Six months later the client (a pretty big small business) complained that since they switched from SCOM to SW all of their new servers kept reporting a weird error. It seems that the IT Pro who was following the checklists had continued installing the SCOM Agent into their servers, and since it could not find a SCOM server to report to, it was returning an error. As I said, these checklists should be living documents, and not set in stone.
There is no one right or wrong answer for every environment. What is a perfect inexpensive solution for one company might be cost prohibitive for another. The only thing you have to do is use your mind, keep learning, use common sense, and keep reading The World According to Mitch!