There is value in the system
Reseller opportunity remains within the area of systems administration, reports Bob Tarzey
Most important to IT users in their work are the applications that enable them to do their jobs and the devices from which they access those applications.
However, system administrators responsible for ensuring end-user devices can link to the applications know that achieving this takes a lot more than that in between. Resellers know this too. But resellers may not realise the extent to which their customers fail to manage much of their equipment securely and effectively - and the additional opportunity this represents.
We recently looked at three broad areas: management of privilege, ability to automate sys-admin tasks, and ensuring compliance.
Over-granting of privilege is a common problem; sys-admins are often granted more access than necessary. This is a difficulty, not because sys-admins are innately malicious people (although a few have turned out to be), but because they can make mistakes, just like anyone else.
Errors made when acting under privilege can have a serious impact on the availability of IT systems. For example, the failure to back up a server properly (or at all) may mean that data is lost and a project put back by days or weeks; wrongly reconfiguring a network firewall may lead to remote users being locked out of systems they need to access; or spinning down the wrong disk volume for maintenance purposes may leave an email server out of action.
Our new research shows the average sys-admin's error rate is about seven per cent. One way to reduce error rates is better management of privilege. To achieve this, it is necessary to deploy tools to manage the scope of privilege access, limiting the range of data and devices to which a sys-admin has access and the time during which they have the access.
There is another way to reduce error rates: more automation of system administration. Many tasks are mundane and repetitive. A good example is data protection. Most organisations regularly back up their file servers and many have automated this process.
However, other devices need protecting too, and it is less likely that the settings of firewalls, routers and load balancers are backed up. This is important for ensuring a quick recovery in the case of failure, and automation of this task is easy with the right tools. Other jobs can also be automated, including data gathering for audits.
This brings us full circle, because the use of privilege is one area that auditors are keen to see IT departments control. Some standards are specific about the management of privileged users. For example, one of the controls in the IT service management standard (ITSM) ISO 270001 states that the allocation and use of privileges shall be restricted and controlled. Meanwhile, the Payment Card Industries Data Security Standard (PCI DSS) recommends auditing "all privileged user activity".
Many organisations do not have the controls in place to make sure this required data is gathered. Indeed, some businesses admit to appalling practices: they put in place uncontrolled changes to sys-admin procedures immediately prior to audits, only to lapse back into their old procedures just after the audit has taken place.
More than two thirds of respondents in our research admitted that this happens at least occasionally. For some, it is a regular occurrence.
When it comes to helping customers manage privileges, automating system administration and ensuring compliance, resellers can take one of two approaches. Either they can ensure that the tools needed to do the job are available as part of their portfolio, or they can use such tools themselves to provide managed services.
Vendors that focus on the management and privilege and the automation of IT include Osirium, which sponsored Quocirca's report, CA, Cyber-Ark, Quest Software and Lieberman Software.
A new Quocirca research report, Conquering the sys-admin challenge, is freely available to CRN readers here.
Bob Tarzey is an analyst and director of Quocirca