Fifteen signatures.
That’s how many approvals were required to make a single change on a production firewall at the global transportation company where I was a technical architect. Fifteen separate approvals, all captured on paper and ultimately dropped into a file cabinet somewhere, likely never to be seen again. The process was long, painful and, worst of all, drew the time to deploy a new application out much longer than the business would have liked.
Most IT shops have similar polices that, as a whole, have spawned what CIOs and business leadership call the “IT bottleneck,” a phenomenon that causes undesirable delays in getting an application “to market.” Whether that market is customers, partners or employees doesn’t really matter. The consensus is that IT is standing in the way of getting there.
That consensus may be right.
Now, the complexity of today’s data centers is such that without processes, applications would never make it “to production.” A vast number of network and application components require rule and policy configuration changes to support any new system. And many of the data center components on which these rule and policy changes must be made are not just critical but super-, mega-, ultra-critical. The kind of critical that means a wrong configuration could bring the entire business to a screeching halt.