Whenever I see or ask people working in Data Centers, I see a lot of bureaucracy/process in they way things work. Typical issues are:
- It requires a whole set of processes to get access to the production boxes. This is not a problem per se as these boxes need security, but most of the times the rules are frustratingly complex and require many levels of approval. This typically means that a new joinee takes few weeks to a few months just to get the accounts and accesses before she gets going.
- Many organizations have smart cards, secure IDs, VPNs and a plethora of other softwares that work with their firewalls. One needs to make sure she can connect from home (sometimes these softwares may not allow this to happen) and also even connect from various Office locations. If there are third parties accessing the systems, there may be other layers of authentications coming into play.
- Security measures like Secure Shell (SSH) are sometimes rampantly rolled out even for access within the firewall to Unix servers which is in most cases an overkill.
- Each server has a unique username and password and these vary for Unix, Oracle Databases, Applications, Sysadmin making a DBA/System Administrator wade through Excel Sheets before even attempting to login. Interestingly most of these Excel Sheets are also kept on secure file sharing systems, though you can mostly find latest (unprotected) copies of them on the personal computers of administrators! Imagine running a data center with 500 production boxes and you can already see the system administrator tearing his hair in frustration.
- With the work getting outsources to India, the cheap labour available here does not provide any incentive to automate or streamline this issue.
A really sad state of affairs. Any comments anyone?