Global Operations management is a challenging role, as enterprises become more and more dependant on IT to support business growth and expansion, system flexibility and the capability to rapidly response to change becomes critical to business success. Countering and frequently conflicting with this requirement is the increased demand for high levels of security, reporting and controls. Its generally taken that the more secure a system is the less flexible accessing and managing that system becomes, with increased requirements in reporting, auditing and managing. Today's IT Managers are faced with managing conflicting demands from the business, rapid flexible response to change combined with excellent quality of service delivery, high levels of security and low overheads and costs.
Having a Change Monitoring system in place is a critical foundation to enable the IT Operations manager achieve these goals and with minimum overhead can radically improve security, controls and quality of service delivery.
I'm sure that everyone working for a multinational enterprise appreciates how scalable Domino is to a geographically distributed infrastructure and management architecture, it is possible to share one domino domain across multiple regions (And management teams) but this can lead to security and reporting nightmares. How do you know that regional administrators are adhering to corporate access policies? You need a Change Monitoring solution in place (Or else laboriously check / authorise every single global change yourself)
Lets paint the picture of the following architecture.. a Globally dispersed Domino environment with Servers physically based in 30 countries and operational support from four major centers. Thousands of databases shared globally with some of them business critical, containing highly confidential information. In this environment you have corporate standards and shared services but the local ops management is regionally structured with regional reporting lines. HOW do you manage globally shared systems? Access to databases in this environment?
Scenario 1 - Delegating administration with comfort
So you have a global application with Global users, you need to centrally manage global policies but enable regional admins to administer the severs in their regions, an unfortunate result of allowing local admin access to modify configuration documents for regional servers means that they also, potentially have access to modify other regional / corporate configuration documents. You can either prohibit the risk of unauthorised changes by a complex access system and or approval process OR you implement a change monitoring system which will report to you on who changed what and send you alerts when specific configuration items are modified. IT Managers can be more comfortable with enabling more distributed administration, secure in the knowledge that they have the controls in place to monitor any (intentional or unintentional) overlaps of admin authority.
Scenario 2 - Meeting and exceeding Auditors expectations
So you have a highly distributed global environment, with business critical databases (some of which are financial, with sign off costs etc) , access and authorization levels are managed via groups. Your global, decentralised admin team have access to update groups as they require this for day to day operations. So an Auditor comes in.. and points out that Junior Admin A has access to add users to the group All company Mailing list but this means that he also has access to update the group 'Highly Secure group that gives access to everyone's HR details) How can you convince the auditors that this is not a security / Compliance issue ? With audits, (and we know this is a very high level statement, but in general it is accurate) you need to have clearly stated policies and controls in place, if it is not technically possible (or logically possible) to grant access to modify some groups but not others then being able to clearly monitor, report and alert changes to 'sensitive' groups is normally sufficient to meet ( even exceed) Auditors expectations.
Scenario 3 - Managing Security in such an architecture
Domino is a very secure system with multiple layers of security that can be implemented to provide segmented targeted security. But someone has to implement these security measures, how do you ensure that those with access to implement security standards are doing it correctly? Or in fact are using their admin access for what it was intended and are not in fact abusing their admin access? In a large globally distributed environment you cannot depend on personal trust and ethics, you need the controls in place to manage and monitor security and ensure that your global admin team is acting within the parameters of their roles and responsibilities.
Domino is a highly scalable, secure system that is ideally suited to a distributed architecture, both from an infrastructure and administrative model. While this architecture can very positively lend itself to rapid change and enable regional management, rapid change and local control can in itself create headaches for security, audit and central policy management. By ensuring that key configuration and access controls settings are monitored and reported (by an automated central control ) IT Managers can successfully delegate administration and controls , relaxing that they have the control in place to monitor and manage their environment.