June 30, 2013
Welcome to the new Business Service Mapping blog, by VNT Software.
In this blog we intend to share with you our insights regarding news and developments in the BSM market, as well as tips and best practices for getting the most out of a BSM initiative.
This time we would like to share with you a topic that we discussed extensively last week, about the unknown connections and dependencies between different environments of an organization.
This was triggered by some recent incidents at customer sites, most of them related to unauthorized links between test and production environments. For example, in one recent case there was an application deployed in a test environment, that was using a production database. No one knew that actually, when the testers were performing their testing tasks, they were actually accessing a production server. In another case, a test application was accessing the production mainframe. These are just few examples out of several similar discoveries that we recently saw at customer organizations. These mistakes seem much more common than we estimated.
How and why does this happen?
The reasons are most probably configuration and deployment mistakes, such as changing the wrong configuration file, forgetting to change an application’s configuration, or a temporary test configuration that has been forgotten and remained permanent.
No matter what the reason, the results are clear: some of the business services do not use the infrastructure elements that they are supposed to use, creating security breaches that jeopardize the overall business activity.
So what is the solution?
First, of course, comes prevention – strict change control, strict rules. Second comes detection – search for these situations to fix them as soon as possible. Discovering application and business service maps is one of the most effective ways to discover these unplanned dependencies between environments, and block them.
Safety above all…