Sins of the IT Professional

Leon Adato is the head geek at SolarWinds.

Why is government IT so fraught with misinformation? That’s a good question with a surprisingly simple answer: IT professionals have a really tough job. They face the conundrum of managing increasingly complex and hybrid IT platforms, where some applications reside onsite while others are hosted in the cloud. They must protect their networks from continually evolving threats and enterprising bad actors, as well as the seemingly endless onslaught of mobile devices. Budgets are restrictive and resources slim. And there are political agendas that must be satisfied.

Given all of these factors, it’s understandable if we, professionals though we are, might feel compelled to tell some little white lies to ourselves on occasion. “Everything’s fine,” we might say—even if we’re not entirely sure of the truth of that statement. We might also be willing to engage in some little excuses and statements of overconfidence.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

The problem is these small indiscretions can turn into big problems if not kept in check. Therefore, it’s important we acknowledge we may not have all the answers. We must continue to be honest with ourselves to avoid living in a world of gray.

You Don’t Know What You Don’t Know

And that’s the truth. The more IT infrastructure an agency outsources, the more difficult it is to truly know how that infrastructure operates. That’s especially true in today’s environment, which is leaning heavily toward hybrid IT models. It’s easy for us to kid ourselves into thinking we have a good handle on everything, when the reality is it’s very difficult to gain a complete view of our entire operation without the proper monitoring tools.

Worse, we have to also keep check on others within our agencies. Dr. House, the character Hugh Laurie played on the eponymous TV show, used to like to say, “everybody lies.” As pessimistic as that may seem, it is sometimes true, particularly in agency environments with very strict rules.

If an agency has a policy against using USB devices, for example, what happens if an employee breaks that rule and introduces the potential for unnecessary risk? From the confines of IT, it is sometimes difficult to assess what might be going on in other sections of the agency—and that could pose some problems.

Unearthing the Truth = No More Little White Lies

Keeping everyone honest is essential to maintaining network integrity. The best way to do that is to adopt monitoring solutions and strategies that allow our IT teams to maintain visibility and control over every aspect of our infrastructure, from applications hosted off-site to the mobile devices used over networks.

We should adopt monitoring tools that are comprehensive and encompass the full range of networked entities. For example, there are network monitoring solutions available that deal in elements ranging from a node, to a volume, to a CPU. They allow us to adjust our scopes as needs dictate.

These solutions should also be able to provide insight into network activity regardless of whether the infrastructure and applications are on-site or hosted. We must be able to monitor activity at the hosting site and as data passes from the hosting provider to the agency.

After all, shouldn’t a true monitoring solution actually monitor and provide a true view of what’s going on within the network? Shouldn’t it offer the ability to probe? To drill down? Those capabilities are essential if we are to truly unearth the root cause of whatever issues we may be trying to address or avert. And with the ability to monitor connections to external sources, we’ll be able to better identify break points when an outage occurs.

Let’s not forget everyone else in the agency. Shadow IT is not just relegated to the aforementioned USB or mobile devices; popular applications like Facebook can also introduce potential security issues. Thus, it’s important to keep tabs on network traffic to identify red flags and shine a light on employees who may be using unauthorized applications—again, as a means to keep everyone honest.

Being left in the dark may lead us to rely on half-truths simply because we lack the full picture. Instead of fooling ourselves, we should seek out solutions that provide us with true black-and-white clarity into our networks, rather than shades of gray. This will result in more effective and secure network operations.