Expert Insights and Best Practices for IT Operations | Evolven Blog

Redefining Control: Conquering Cloud Configuration Complexity

• 30 May 2023
• Written by: Kristi Perdue

Go to the Cloud they said.  It makes things faster, better, cheaper, they said.  Does it? 

Well, it depends on your perspective. According to Uptime’s 2022 Data Center Resiliency Survey, “networking-related problems have been the single biggest cause of all IT service downtime incidents – regardless of severity – over the past three years. In fact, outages attributed to software, network, and systems issues are on the rise due to complexities introduced by the increased use of cloud technologies, software-defined architectures, and hybrid, distributed architectures.”

A Modern View of Risk and Compliance: Eliminate the Fear of Rapid Change

• 23 May 2023
• Written by: Eric Newcomer

They say the only constant is change, but for IT the pace of change is not just constant: it’s constantly accelerating. This puts a ton of pressure on IT dev, sec, and ops teams because change is the primary cause of failure.

Business goals frequently conflict with security and risk mitigation controls, and it’s hard to maintain the balance between rapidly improving an app’s user experience and keeping systems compliant, available, and safe. The result is often security and compliance gaps, despite the best of intentions.

T+1 Transaction Timeline From 1976 to May 2024 and beyond.

• 17 May 2023
• Written by: Evolven Team

As the deadline for the SEC’s T+1 initiative approaches on May 28th, 2024, IT departments are facing the challenge of making sure their systems are up to date and ready for the demands of T+1 transactions. The T+1 initiative is a move to shorten the trade settlement cycle from the current two-day, T+2, to a one-day,  T+1. This is a major change for the industry, requiring that systems support the completion and settlement of transactions within 24 hours, and also scale to the increased demand enabled by the faster settlement time. And in this case - there really isn’t a Plan B or hope for a postponement. The consensus of the industry is that just like with the year 2000, a back-out of T+1 functionality is not an option.  Any problems will need to be addressed by the applicable firm(s) prior to the deadline, or be subject to fines and associated damages. The industry is moving forward with T+1 settlement on May 28th, 2024  - whether you are ready or not.

5 Top Reasons Configuration is A Risky Business

• 03 May 2023
• Written by: Kristi Perdue

The complexity and rapid evolution of IT systems have made configuration a challenging and risky business for enterprises. Misconfiguration or improper configuration changes can expose organizations to cybersecurity threats, compliance violations, and reputational damage. In this blog post, we will discuss the five reasons why configuration is a top challenge for IT teams globally. To mitigate these configuration risks, organizations must leverage configuration risk intelligence, which involves gathering, analyzing, and using information about IT configuration state and changes to identify potential risks and vulnerabilities proactively. With configuration risk intelligence, enterprises can prioritize security controls, inform risk management decisions, communicate risks to stakeholders, and improve their overall security posture.

ISO27001 and Best Practices for Preparing for Audit

• 26 Apr 2023
• Written by: Evolven Team

ISO 27001 is an international standard that outlines best practices for information security management systems (ISMS). IT professionals must ensure their organizations comply with this standard to safeguard sensitive data, reduce security risks, and demonstrate their commitment to security.

Scoring A Risky Business

• 22 Feb 2023
• Written by: Charley Rich

Configuration is a Risky Business

A young Tom Cruise led the cast in the 1983 “Risky Business” movie. Portraying a teen looking for fun at home while his parents were away, he quickly let the situation get out of hand resulting in exactly what you would expect--absolute mayhem.  Perhaps only outdone and outscored in risk by Ferris Bueller, Tom’s unauthorized changes to the rules set by his parents created a very risky misadventure for him, his friends, and his parents.  As this was movie land, the impacts of their misconfigured weekend were resolved, and the stories were reconciled, all before two hours were up.  If only…

Expert Interview: From Reactive to Proactive Configuration Awareness With Four-Dimensional Observability

• 08 Feb 2023
• Written by: Evolven Team

Every organization should know the importance of digital transformation. But do they understand how important observability is to make the digital transformation happen?

More importantly, do they understand that managing configuration change is the missing ingredient in most vendors’ concept of observability, which is the secret to agile organizations?

It’s 10 pm, Do You Know Where Your Configuration Assets Are?

• 31 Jan 2023
• Written by: Charley Rich

In the late 1960s, the catchphrase, “It's 10 pm, Do You Know Where Your Children Are?” was delivered across TV sets nationwide (in the US) reminding parents to keep their children safe in a time of rapid change, civil unrest, and turmoil. Today, there’s plenty of change, and unrest (and sometimes even turmoil) in Information Technology (IT) Infrastructure and Operations (I&O) teams as they transform into agile cultures embracing DevOps, DevSecOps, and Platform Engineering. But instead of “children” they need to protect, it is an entity referred to as “configuration”.

Prevent Misconfigurations in the Cloud: Walking Between the Raindrops

• 25 Jan 2023
• Written by: Evolven Team

Three key takeaways:

• Enterprises are undergoing digital transformation. Business demands based on financial pressures necessitate this revolution. This new perspective drives the teams responsible for developing and maintaining IT infrastructure to embrace the inevitable, become more agile and better manage change
• Enterprise IT infrastructure configurations are numerous, complex, and fraught with risk. The rapidity and frequency of configuration change, and the context and content of those changes all contribute to making managing configuration change one of the most challenging problems for infrastructure and operations teams to regularly deal with in today’s hybrid or multi-cloud deployments
• There is a solution to better understand your infrastructural complexity and configuration state: four-dimensional (4D) observability. Observability has become a common claim for vendors who focus on the symptoms of problems once they have already occurred, using telemetry from traces, logs, and metrics. However, this can be drastically improved upon by increasing the scope of monitoring to provide early detection of granular configuration changes and the risk they may impose on stability, security or compliance.

Recognizing New Configuration Risks Introduced by Digital Transformation

• 04 Jan 2023
• Written by: Sasha Gilenson

Three key takeaways:

• Digital transformation, while an essential initiative for enterprises, brings its share of challenges. From process and decision-making transitions to the dynamic state of its complex cloud environments, organizations need to be prepared to face these issues head-on.
• Decentralization of decision making driven by an agile DevOps approach may lead to departure from traditional ITIL processes and the weakening of risk controls. An automated risk gateway powered by AI-based Evolven Configuration Risk Intelligence helps to balance control and speed, identifying and mitigating risks prior to production.
• Evolven’s Configuration Risk Intelligence solution provides the visibility needed to shift from old environments to new ones. Incidents happen fast in the cloud, so knowing the state of an environment is essential: Armed with ongoing insights, Evolven’s technology tracks the specific configuration changes at the root of performance and availability issues.