1 (866) 866-2320 Straight Talks Events Blog

The Unseen Culprit Behind IT Outages: Configuration Drift


The Unseen Culprit Behind IT Outages: Configuration Drift


This content is brought to you by Evolven. Evolven Change Analytics is a unique AIOps solution that tracks and analyzes all actual changes carried out in the enterprise cloud environment. Evolven helps leading enterprises cut the number of incidents, slash troubleshoot time, and eliminate unauthorized changes. Learn more

In today's fast-paced and interconnected digital landscape, IT outages can have catastrophic implications for large enterprises. Whether it's a halt in operations, a damaged reputation, or a dent in the bottom line, the ramifications are vast and often hard to quantify.

Based on insights from pingdom.com, large corporations face downtime costs exceeding $16,000 every minute. It's essential to recognize that these costs can fluctuate considerably depending on the industry, corporation size, and business nature. For example, sectors with high risks, including finance and healthcare, can endure costs surpassing $5 million each hour of downtime, which translates to about $83,333 every minute. While organizations with a strong online presence, like major eCommerce players, might incur even steeper losses. Thus, pinpointing an exact cost can be challenging due to these variables, but it's evident that the average downtime cost for sizable corporations can vary from $16,000 to even over $1 million per minute.

But what if we told you there’s an elusive culprit behind many of these IT outages? It’s called configuration drift.

What is Configuration Drift?

At its essence, configuration drift refers to the phenomenon where running environments deviate from their intended states or baselines over time. This happens due to misconfigurations in planned changes or unplanned changes made to systems. Whether it's an accidental parameter alteration by a developer or a software update that unknowingly changes settings, these minor shifts, when unchecked, can accumulate and cause systems to behave unpredictably.

Unpacking IT's Hidden Challenges: The Impact of Configuration Drift When It Occurs

In the world of IT, we often hope for smooth operations with systems working in harmony. But a closer look reveals a myriad of settings and choices. And in a world that is getting more complex, not less, even the smallest changes can cause big problems. Here’s a breakdown of just a few things that can go wrong when configurations go astray:

  • Varying Environments: Consistency is the bedrock of smooth IT operations. Yet, if environments such as development, staging, and production fall out of sync with one another due to overlooked changes, the results can be destabilizing.
  • Managing Dependencies: Configurations play a pivotal role in harmonizing software dependencies and their versions. Any unintentional shifts can create compatibility conflicts, jeopardizing application performance.
  • Introduction of Security Changes: Security is non-negotiable. However, even minor deviations in security configurations can either throw open the doors to unauthorized users or inadvertently block legitimate ones—both scenarios are a recipe for disaster.
  • Networking Nuances: The modern IT ecosystem thrives on robust connectivity. Yet, seemingly innocuous changes in networking setups, be it firewall adjustments or routing alterations, can either sever vital connections or inadvertently expose critical services.
  • Hardware Glitches: Dive deep, and you'll realize that even foundational hardware settings, such as BIOS/UEFI or firmware, aren't immune to drift. When they veer off course, IT can expect erratic system behaviors and failures.
  • Resource Roadblocks: Configurations influence resource allocation. A seemingly benign change can escalate a service’s memory or CPU consumption, potentially grinding systems to a halt.
  • Data Integrity Issues: Databases, the lifelines of many applications, aren't exempt from drift-related woes. Misconfigurations can introduce data inconsistencies or even corruption, heralding application glitches, complete breakdowns, or data exfiltration.
  • Monitoring Mistakes: It's not just about having monitoring tools; it's about ensuring they're correctly configured. Drift here can blindside you by muting essential alerts, leaving issues undetected that remain brewing into incidents.
  • Backup Blunders: Backing up data is foundational for disaster recovery. But if backup configurations drift, they can jeopardize the entire recovery process, either making it impossible or resulting in significant data loss.
  • Cluster Mucks: Cluster consistency assures that when high performance is required every system can handle its part of the load just like any other. When this integrity is impaired the mistakes can result in lost sessions, lost revenue, and lost reputation.
  • Interconnected Complexities: The interwoven nature of today's IT environments means that a configuration hiccup in one corner can trigger disruptions across multiple systems. It also means that a change by one department, let's say development can impact security and vice versa.

In essence, the intricacies of configuration drift in modern IT ecosystems are vast and varied. As the environment grows more complex, the need for vigilant, proactive management becomes ever more crucial to understand the shared configuration risk involved across your end-to-end infrastructure. Ensure that you're equipped to handle these challenges head-on before minor drift spirals into a significant disruption.

Configuration Drift: The Silent Saboteur

While high-profile cyber-attacks often steal the limelight in news headlines, configuration drift silently sabotages systems, leading to downtimes and outages. Let’s examine a couple of real-life examples:

The Knight Capital Group Fiasco (2012): This was a financial services firm whose downfall came not because of external attacks or market dynamics, but due to a flawed algorithm that in essence caused configuration drift. A software update, intended for a small subset of servers, ended up on all of them. This algorithm started running, creating uncontrolled trading, and in approximately 30 minutes, the firm lost over $440 million.

Amazon Web Services Outage (2017): AWS suffered a major outage in 2017, impacting a slew of internet services. While many speculated on the reasons, AWS clarified that a debugging operation went awry due to incorrect command execution by an employee. Essentially, a minor human error led to a configuration drift issue that created widespread service disruption adding up to over $150M.

Facebook, Instagram, WhatsApp Outage (2023) Imagine managing a city's traffic lights. One small tweak goes wrong, causing a traffic jam everywhere. Similarly, in 2023, (on this occasion) a minor adjustment to Facebook's "traffic system" (backbone routers) disrupted its entire network. A misstep in the Border Gateway Protocol (BGP) rendered Facebook's services, like WhatsApp and Instagram, unreachable for six hours. A tiny change led to massive digital chaos and equally massive losses in ad revenue.

The High Stakes of Drift for Fortune 2000 Companies

For leaders helming Fortune 2000 companies, it's critical to grasp the scope of damage that configuration drift can cause:

  • Financial Impact: As seen with Knight Capital Group, the financial damage can reach millions in mere minutes.
  • Reputational Demise: An IT outage, especially one affecting customer-facing applications, can erode trust swiftly.
  • Operational Downtime: Time spent in rectifying outages means lost productivity, revenue (as with Amazon and Facebook), and stalled operations.
  • Security Vulnerabilities: Misconfigurations can expose systems to external threats, adding a layer of cyber risk.

Solving Your Drift Dilemma with Evolven

Understanding the challenges and stakes, Evolven has crafted a platform tailored to monitor, manage, and mitigate the risks of configuration drift. Our solution doesn't just detect drift – Configuration Risk Intelligence provides actionable insights, based on our patented, risk-based, AI technology. These insights enable IT leaders to intervene – proactively - before even minor configuration changes can snowball into major outages.

With a deep understanding of enterprise dynamics, Evolven offers not only technical prowess but intuitive multi-level dashboards with insights that all levels of IT demand. It’s not just about detecting problems; it's about equipping your teams and leadership with the foresight and tools to maintain operational excellence.

When it comes to the stability and reliability of your IT infrastructure, can you afford to be reactive? Embrace Evolven and always stay ahead of configuration drift.

Contact us and find out more.

About the Author
Kristi Perdue
Vice President of Marketing