Can We Ever Get Away From the Sprawl?: Using ITIL to Organize IT
This song lyric, which is the title of this post, describes how it’s hard to break away from cities that continually grow and how that continual growth results in dead islands within cities that ultimately affect our behavior.
Modern organizations are often similar to cities in this respect. They grow over time, and pieces of them become somewhat obsolete islands. The effect this has on IT is paramount. We end up with functionally obsolete aspects of technology such as applications, servers, storage, tapes, printers, user IDs, and myriad other technology artifacts that offer little more than increased risk to the organization.
One such example from my past involves a large data center where I used to work. In the early 90s just before the web became popular, we used to have modems in our desktop computers in almost every office and cubicle and in several other places throughout the data center. We contracted with the phone company to provide “1MB” lines, which is a jargon-esque way to say a plain old telephone line.
We had these 1MB lines installed for various reasons, most of them business related. At some point as an organization we moved away from early LANs to IP-based communication networks. With that move to IP-based communication we also moved to doing more tasks using functionality available on the Internet and the corporate intranet. During this shift, the modems in our computers went away as we upgraded, and people generally stopped using the 1MB lines. Unfortunately no one bothered to tell the phone company that we no longer needed these lines, so for several years we continued to be billed for service, and the organization continued to pay those bills. This went on for several years, and to compound matters, no one had any kind of inventory or list of these 1MB lines or where they were installed.
Cost is only one aspect of this example. Another thing that we really weren’t thinking about was the security risk involved with having telephone lines that someone could potentially use to dial into our data center. Fortunately that risk was never realized.
This is but one example of the type of sprawl that affects IT organizations. We move from an obsolete technology to something new, but we often aren’t concerned with decommissioning the old technology. Think of the 1MB lines that we had in our data center as dead and obsolete shopping malls that cities sometimes forget as they grow.
Eventually, during an audit during our telecom expenses in the late 90s, someone noted that the organization was spending a significant amount of money on 1MB lines but no one really knew what we were using them for. Eventually someone realized that we used to use them when we had modems in our computers.
Because we had no effective register or list of these 1MB lines, we kicked off a short-term project that involved identifying what these lines were, where they were, and whether or not they were being used. I spent about a month of my life in the late 90s crawling around a data center plugging in a phone to random phone jacks throughout the data center and then listened on the handset for a dial tone.
Through this audit we were able to produce a list and eventually all of the 1MB lines that weren’t being used were disconnected. We saved a significant amount of money through this simple audit.
Can ITIL help IT get away from the sprawl? Absolutely. One good example would be if we had tracked these 1MB lines as configuration items in a configuration management system, we could have easily obtained a list of these items and relevant attributes without having to crawl beneath cubicles and lift up random floor tiles in the data center to check for phone jacks. We were actually fairly good at supplier management, but if we had been a little bit better we would have been regularly reviewing things like telecom invoices. There are many other ways that ITIL could have helped.
Organizations regularly experience IT sprawl, and it’s important that service management processes take this into account and retire configuration items that are no longer in use by the organization. Not doing this can result in the realization of significant financial and security risks.