According to the
Mayo Clinic, plaque in your arteries and inflammation are usually to blame for coronary artery disease. Left unchecked, plaque buildup narrows arteries, decreasing blood flow to your heart and eventually causing chest pain (angina) and other symptoms. Because this develops over decades, you might not notice a problem until you have a significant blockage or a heart attack (#nothanks).
Are we doomed to this outcome, or are there things we could do that will reduce the likelihood of coronary artery disease? Health experts say there are several changes we can make, including to:
- Stop smoking
- Control high blood pressure
- Eat healthy
- Exercise
- Use low-dose aspirin
- Reduce stress
That’s great, but can we watch the changes happening in our arteries to see what’s going on with plaque buildup? Can we monitor changes in the build-up and take corrective action prior to calling 911?
Not so easily, it turns out. According to the
National Institute of Health, no single test can diagnose coronary heart disease. Echocardiography, stress testing, blood tests and more can all help your doctor determine if there is a problem, but you would be hard pressed to do that every day/week/month (#darnit).
With that scary preamble, let’s talk about IT systems and how they suffer from a similar malady – let’s call it “UCS” for Unexpected Change Syndrome. UCS can also be life-threatening (digital life, anyway). Security breaches, system downtime, exfiltrated data … they can all result from UCS.
UCS can be difficult to diagnose, as these changes can happen slowly over time and be cumulative just like coronary artery disease. But there is one major difference.
UCS can be prevented with proper
change management hygiene. We’re not talking about putting your IT systems on a vegan diet or (please no) eliminating beer from their diet. We’re talking about ensuring that the only changes happening on critical systems are expected changes and anything unexpected is flagged for inspection and removed as appropriate.
We’re talking about following best practices, such as a:
- system of record for expected changes (e.g. tickets in ServiceNow) that come out of the Change Advisory Board (CAB) (approved change)
- deep understanding of expected/planned O/S updates (approved change)
- a process for reconciling expected with observed changes (Tripwire Enterprise)
- process for flagging unexpected change and following up on it (Tripwire Enterprise)
- process for analyzing changes that appear malicious to determine their root cause (Tripwire Enterprise)
- process for analyzing unexpected files to determine if they are malicious using a threat management system like Lastline
- process for creating and managing secure configurations (hardening guidelines) and notification when there is drift from the known good (healthy) state (Tripwire Enterprise)
You may be surprised to know that Tripwire can help you accomplish these preventative measures. Through
integration with tools like ServiceNow, you can help ensure that only expected changes happen and that anything unexpected opens a ticket in the change management system and is investigated before you have to dial the IT equivalent of 911.
Learn more about Tripwire’s solutions
here and check out our
integration and Golden Ticket program
here. (#TWGoldenTicket)
