Britain’s Sir Winston Churchill, famously said: “Never have so few, been asked to do so much, for so many, with so little.” If he were around today, he could use those same words to describe a growing trend in IT Management Senior leadership at companies big and small, from global corporations to SMBs, all seem to be asking IT to do more with less, and the demands from business units and employees keep coming in. Sys admins really do have to do more and more, with less and less, and there’s little hope that that will change any time soon. Here are the six most significant trends in IT management that sys admins need to be aware of and prepare for.
New devices are coming out from every major vendor, in every conceivable form factor. Tablets, phablets, phones, ultrabooks, wearable devices and embedded devices are flooding the market. Which devices your company will adopt, and how you will support them, are questions you are going to need to answer sooner rather than later. The ones that run the standard operating system you already support will be easy to deal with. What you have to worry about are the ones running other operating systems that can’t be backed up, managed, or imaged with your standard tools. You will still be asked to provide support, and you know that it’s very likely that the executives will be rushing to use the latest and greatest device they saw someone else use in First Class last time they travelled.
Many of those new devices are going to be connecting to your network whether you are involved in their selection or not, and the tech savvy users buy their own and then want to use them at work. BYOD is here to stay. Ignoring it, pretending it will go away, or refusing to permit it on your network are all strategies destined to fail. The best thing you can do is start to focus on securing data, implementing strong authentication, and providing these BYOD devices with network access that is restricted and controlled. Guest networks, remote portals, and extranet applications are all ways to address BYOD, but don’t assume that just because you don’t own it, you can’t manage it. There are security applications on the market that can assess BYOD devices to ensure that they are patched and up to date, so you can be sure that your employees are keeping up with the maintenance of their own gear.
There are three things you can count on: death, taxes and budget cuts. Every dollar you spend is going to have to be stretched further, and that means you need to focus on what celebrity chef Alton Brown calls “multitaskers”. In both the staff that you hire and the applications that you purchase, you want to make sure that everyone can do more than one job, and everything can be used for more than one purpose. When you evaluate new hires, look for multiple and diverse skills that can either complement, or support, your existing team. You may not find a firewall engineer that can also code in C#, but you can probably find a SharePoint admin who also knows Active Directory, or an Exchange engineer who also knows SQL. And when you look at new software, whether it’s for testing, patching, or security assessments, look for multitaskers that can perform multiple functions.
The other side of the coin is reduced headcount, and the same things we talked about in the previous paragraph apply here. Whether your current staff is asked to do more, or someone on your team decides to move on, it’s unlikely you will be able to expand your team or even backfill existing roles if someone leaves. Your best strategy here is to do a skills assessment of each of the people on your team, figure out which skills rest with only one person, and start cross training. There’s not a single person in IT who doesn’t want to learn something new, and this will also help ensure that people can take a day off or go on vacation, and not be the only person who can fix whatever breaks the moment it realized the “one guy” is off the clock.
Advanced Persistent Threat
There are always going to be bad guys on the Internet trying to break in to your network. There will always be systems that automatically scan your network for ways to get in. But Advanced Persistent Threats, or APTs, are the next big thing. First mentioned in 2005, APT has evolved from a rare exception to a mega threat. Rather than simply scanning for a target, the bad guys are scanning for you. You are the target, and it may take them days or weeks of effort, but they are making a concentrated and focused effort to get into your network. The vulnerability scan you paid for last year might not have found anything then, but how secure are you now? Do you want to take the chance that there’s nothing on your network that can provide an attacker with a way in? Vulnerability scanning is something that used to be done maybe annually, but now needs to be done perpetually, around the clock, and anything it finds must be remediated immediately. It’s not enough to patch once a month when new vulnerabilities are discovered daily. If an attacker is playing the long game, and patiently waiting for the one thing that you miss to find his way in, you need to make sure you miss nothing.
Everything is moving to the cloud, from email and applications to complete infrastructure solutions and even VDI. The cloud has something to offer almost every business, from sole proprietorships to Fortune 10 corporations, and it’s no longer a question of if you will use something in the cloud, but when. There are even solutions in the cloud that will help you to manage your on-premises environments. You can use cloud solutions for email hygiene, patch management, system monitoring, remote support, and more. It’s all in the cloud, and means new solutions can be piloted in hours instead of weeks. Enterprise deployments can happen in days instead of months. The cloud is going to change everything. In truth, the change has already started.
Knowledge is power, and with knowledge of these trends, you are empowered to respond to each accordingly. Being in a position to adopt and support the new technologies, maintain service levels even in the face of declining budgets and reduced staff, and taking a proactive approach to the threats from the Internet will help you maintain a high level of security and sanity.