Thanks Ron, I'll forward that on to him and get him to view the talks.
MWD. 2010/1/12 Ron Gula <[email protected]>: > On 1/12/2010 9:01 AM, Monkey Daemon wrote: >> I have a friend who is interested in investigating "visible ops" >> however he's having a real issue getting anyone in the organisation to >> accept a proposal for a change management system, never mind a culture >> change towards a new way of doing things. >> >> Does anyone have any experience of using Visible Ops that I might be >> able to pass on to him in order that he can sell this (or another >> improved way of working) to his managment team? >> > > This sort of conversation comes up a lot at the IANS forums Tenable > participates with. I hear end users all the time ask for tips on how to > get buy-in for change management, standard builds, executive governance, > .etc. It has many different names. > > In the face of non-believers, my advice is as follows: > > - Use whatever regulations your organization MUST comply with as a > starting point. For example, I've seen pristine PCI server farms yet the > CEO's desktop has a random configuration. Use what is working elsewhere > to fix things that are broken. > > - Show how you can save money. A big principal of Visible Ops is that > controling change also tends to control when you have bugs or outages. > Keep in mind that saving money could mean lowering the number of people > working in IT, lowering the number of help desk calls, .etc. > > I speak a lot about this sort of stuff, and use the slant of log > analysis, configuration auditing and vulnerability scanning as a view > into how the IT management process works. Some of these are online: > > Winning at the Compliance Game > https://www1.gotomeeting.com/register/706770928 > (requires an email address) > > If you want a specific view on Visible Ops, I wrote a paper on how vuln > scanning and network monitoring can help map into this process which is > here: > > http://www.nessus.org/whitepapers/tenable_and_visible_ops.pdf > > -- > Ron Gula, CEO > Tenable Network Security > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
