• 04Jan
    Author: ned Categories: Green IT, Infrastructure Comments: 0

    While most people are making New Year resolutions like “exercise more” or “eat healthier food,” we IT wonks are busy making our own!  Here are ten New Year resolutions that every IT department should consider:

    1. Hold off on Vista.  If your business can survive without the awesome new sound effects and transparent windows Vista offers, stick with XP.  I’m not excited to make predictions about Windows 7, but the general consensus is that most businesses will be able to leap from Windows XP to Windows 7 without ever muddying their feet with the stink of Vista.  Don’t be shy about letting your corporate management know how much your department will be saving them on hardware and software licenses by maintaining the XP installation base another year.
    2. Consider additional use of open source.  This is another huge opportunity for savings – you’re likely already relying on more open source software than you know.  Here are three ideas:
      • Upgrading or deploying new web servers?  Consider replacing expensive, licensed Microsoft IIS web servers with Apache servers running on Linux.  You can use the same hardware you’re already comfortable with, and if you have a reasonably simple web site, you can probably do the migration in a day.  Have a really complex web site?  Then you almost certainly should at least be running Linux at the front-end web tier.
      • Still paying for expensive Oracle database licenses?  If you’re heavily dependent on Oracle-specific features, oops – your IT leadership made a mistake!  However, a vast majority of well-written applications can utilize any reasonable RDBMS.  Personally, I have a huge crush on MySQL – I get a rush out of helping companies migrate from Oracle to MySQL for pennies on the dollar.  It’s also fun to see several racks of Y2K-era Sun hardware recycled and replaced with a half-rack cluster of Linux MySQL servers.
      • Did you resolve to start a blog in 2009?  There are literally hundreds of great blogging platforms, but we love WordPress.  If you can manage your own LAMP server, use wordpress.org.  If you just want something quick, non-technical, and solid, try wordpress.com.
    3. Start employing “the cloud”.  If you’re frightened by “cloud computing,” don’t be!  Companies like Amazon, Google, and Rackspace are happy to let you host your applications on their infrastructure, cheap.  These big boys manage hundreds of thousands of servers and know what they’re doing – you pay as little as ten cents an hour for an on-demand server and no longer have to worry about managing cooling, hardware maintenance, or data center space.  Worth a very serious look if you’re currently renting rack space, paying for a colo, or are in the market for cost-effective geographic redundancy.
    4. Improve network segmentation.  We all know an Internet firewall is essential, but it is no longer sufficient.  At the very minimum, you should segment your network with firewalls in several places – this architecture has tremendous performance, manageability, and security benefits.  Identify where you are on the “Network Segmentation Ladder” below (top rung first), and resolve to move your organization up a rung.
      • Host-level segmentation: firewalls (or ACLs or port security) between every individual host on the network
      • Department-level segmentation: additional firewalls between departmental/functional groups of servers and workstations
      • Server-level segmentation: additional firewalls between internal servers and internal workstations
      • DMZ segmentation: firewalls between Internet, Internet-facing servers, and internal systems
      • Internet segmentation: Internet firewall but no internal firewalls
      • No segmentation: no Internet firewall, security depends on NAT and luck

       

    5. Improve your documentation.  One low-cost activity that will definitely improve availability, manageability, and security is creating better documentation.  If your IT team doesn’t have a good, shared documentation repository, try deploying your own wiki.  If you have a secure Linux web server around, you can set up PmWiki in less than thirty minutes - our documentation went through the roof when we started using a wiki!  If you don’t have a change management tool, try Mantis – it is an awesome web-based ticketing tool that you can set up and customize in under a few hours… ITIL here you come!  Do you have a server build and security hardening checklist? …a server/service documentation template? …a production change planning/documentation checklist?
    6. Start thinking “green”.  If there ever was a time to start saving money by conserving use of energy and IT resources, Q1 2009 is it.  IT is a thorn in the CFO’s side, and you should consider resolving to cut back on IT-related spending right now.  A huge VMware virtualization project might require a serious up-front capital investment – probably out in 2009… but you don’t have to buy anything to do a server consolidation project, which will make similar use of your spare capacity and result in similarly fewer physical servers to manage (the dirty secret of server virtualization… more on this later).
    7. Improve your logging infrastructure.  If you’re not centrally collecting server and network logs, you’re missing the bus.  Using open source and free vendor-supplied tools, you can set up an enterprise-class central logging infrastructure without anything but a little extra disk space.  Having all of your logs in a central location is the first step toward proactive security and availability management.  If you already are logging centrally, this is a good year to start (or improve) automated log analysis.
    8. Resist cuts in security resources.  For a number of reasons, now is probably not a great time to lose sight of IT security.  As the purse strings are tightened, do your best to keep security initiatives on track.  Those patches will keep needing to be applied, and those log files reviewed – don’t let short-sighted cuts in security staff result in long-term security headaches for you and your customers.
    9. Run a Disaster Recovery drill.  Have an IT Disaster Recovery plan?  You should be exercising it with real-life “practical” exercises at least once a year… schedule yours now.  Don’t have a DR plan?  Schedule a tabletop exercise – we have found that sitting around a table, talking through failure scenarios is a spectacular way to get the DR planning process started.
    10. Perform a monthly network patch scan.  After a roughly three-year break from serious enterprise-threatening viruses…  viruses are back in 2009, baby!  We saw a really serious Windows vulnerability in late 2008 that resulted in some frustrating downtime for a number of enterprises.  Resolve to run the free MBSA tool against your Windows network at least monthly.  Ideally, your IT department should be completing a number of self-assessment tasks on a monthly basis.
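
For resolution 4, one way to work out which rung of the Network Segmentation Ladder a network is on. This is an added example, not part of the original post; the inventory format (role, dept, segment, host_fw) and the sample hosts are constructed assumptions, with "segment" meaning a group of hosts that has no firewall between its members.

```python
# Added example: place a constructed host inventory on the segmentation ladder.
# Field names (role, dept, segment, host_fw) are assumptions of this sketch.
from itertools import combinations

RUNGS = ["No segmentation", "Internet segmentation", "DMZ segmentation",
         "Server-level segmentation", "Department-level segmentation",
         "Host-level segmentation"]

def separated(hosts, must_split):
    """True if every host pair that must_split() flags sits in different
    firewalled segments."""
    return all(a["segment"] != b["segment"]
               for a, b in combinations(hosts, 2) if must_split(a, b))

def ladder_rung(hosts, internet_firewall):
    """Return (index, name) of the highest rung reached; a rung only counts
    when every rung below it is also satisfied."""
    checks = [
        lambda: internet_firewall,
        # DMZ: Internet-facing servers split from all internal systems
        lambda: separated(hosts, lambda a, b: (a["role"] == "dmz") != (b["role"] == "dmz")),
        # Server-level: internal servers split from internal workstations
        lambda: separated(hosts, lambda a, b: {a["role"], b["role"]} == {"server", "workstation"}),
        # Department-level: departmental groups split from each other
        lambda: separated(hosts, lambda a, b: a["dept"] != b["dept"]),
        # Host-level: every host is filtered individually
        lambda: all(h["host_fw"] for h in hosts),
    ]
    rung = 0
    for check in checks:
        if not check():
            break
        rung += 1
    return rung, RUNGS[rung]

def host(name, role, dept, segment, host_fw):
    return dict(name=name, role=role, dept=dept, segment=segment, host_fw=host_fw)

# Constructed sample inventory: a DMZ plus one server and one workstation segment.
INVENTORY = [
    host("www1", "dmz", "public", "dmz", False),
    host("db1", "server", "finance", "srv", True),
    host("files1", "server", "hr", "srv", False),
    host("pc-fin-07", "workstation", "finance", "lan", True),
    host("pc-hr-02", "workstation", "hr", "lan", True),
]

if __name__ == "__main__":
    print(ladder_rung(INVENTORY, internet_firewall=True))
```

The first check that fails names the next rung to aim for; in the sample, the finance and HR servers share one segment, so the network stops at server-level segmentation.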

    Oh… and as a bonus, take a moment to read this post by Guy Kawasaki and resolve to live by the no a**holes rule in 2009.
