<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1678611822423757&amp;ev=PageView&amp;noscript=1">

Configuration Management's Secret Weapon Is Hiding in Plain Sight

Mark Underwood| March 14 2016

| security, IT insights

configuration-management-secret-weapon"Now how do I do that again?"

Documentation really isn't in the wheelhouse of a typical sysadmin or analyst. In large organizations that role falls to a specialist — perhaps a technical writer, UX whiz, intern or even a front-office generalist. But whether it's firewall settings, the cable routing patterns in a wiring closet or the new setup in the server room that was decided last week over a beer, the configuration management problem is the same: It's inconvenient to be writing it all down, assuming you can read your own writing the next day.

When there's more than one of you sharing systems management duties, the legibility and timeliness of documentation is even more important. Recognizing this fact — that you do have an obligation to document what you've done well enough for someone else to retrace your steps — is just enough to sour you on taking the time and effort to do it.

But there's a secret weapon you may not have considered.

Secret Weapon Revealed

Suppose you're upgrading the RAM in a server but you realize you need to remove the fan housing and RAID cabling to get to the RAM slots. Best approach? You know it's not worth the time to write it down; grab your smartphone. When there's substantial disconnecting to do, you'll find that reversing the disassembly process can be much easier by taking a few handy photos at the same time. Do it well enough and you can delegate the chore to someone else next time around (perhaps the night shift).

You're probably thinking a too-obvious approach isn't worth exploring further, but read on. With a little additional effort you can turn this into something worth mentioning (think configuration management investment) at your performance review.

Limits to Photo-Documentary Processes

There are limits to what can and should be accomplished via mobile. For example, you may inadvertently violate HIPAA rules, for which there are potentially crappy penalties. Bottom line: Photographing electronic health records, or even a patient in a clinical setting, should be avoided at all costs.

You might also recall your company policies regarding BYOD. While you're unlikely to be compromising your own network through BYOD (See Top 10 Hidden Network Costs of BYOD), there are concerns you may be overlooking. Indiscriminately snapping photos throughout an office could record proprietary data. Images provide documentary information that can remain on stolen phones and SD storage cards, and that increasingly ends up somewhere in the cloud.

If you hone your photo-documentarian skills, though, you may find yourself with an abundance of riches: too many pics. The photo's exchangeable image file format (EXIF) data in a JPG or TIF file will contain a timestamp and sometimes location data if you enabled GPS recording. Eventually that won't suffice.

Tagging, Intranets and ECM

EXIF data can be great for a one-off scenario, but you'll probably discover that this approach just isn't enough for searching your "photo-doc" archives. As with your personal roll, you'll soon have too many to manually browse through. And if multiple admins are snapping photos, the problem is multiplied.

Adopting this method broadly and the answer to "How do I do that again?" may no longer be on your phone. EXIF data gives you the time the photo was taken, but it's not tied to any systematic configuration management system (though, increasingly, CM systems will have mobile access).

The solution is electronic content management (ECM). While ECM is a large subject for another time, putting photos into an ECM isn't necessarily difficult. For example, it can mean using a Windows file system share with tagging, folders or other metadata annotation of the photo. You can simply store the photos associated with a machine in a folder named for the machine, like "Cisco 2960 Catalyst." Got a manual, too? Stick it there.

If you have access to Sharepoint or a homegrown intranet, even better. Tag your photos, upload them to the intranet and they're available to the team on demand. It's a feather in your cap at performance review time, and you'll sleep better at night.

Topics: security, IT insights

Leave a Reply

Your email address will not be published. Required fields are marked *

THIS POST WAS WRITTEN BY Mark Underwood

Free Trials

Getting started has never been easier. Download a trial today.

Download Free Trials

Contact Us

Let us know how we can help you. Focus on what matters. 

Send us a note

Subscribe to our Blog

Let’s stay in touch! Register to receive our blog updates.