ITMPI FLAT 001
Main Menu
Home / IT Governance / How to Protect ITSM from Heartbleed

How to Protect ITSM from Heartbleed

The Heartbleed bug is a very unique and lethal kind of threat. Without the need for privileged credentials or security information, it can allow anyone using the Internet to read a system’s memory, to eavesdrop on communications by obtaining names, passwords, and content, and to steal data directly from services and users to impersonate those services or users. It does this by exploiting a weakness in SSL/TLS encryption. In an article for ServiceManagers.org, IT Service Manager Robert Sieber offers some key advice on how IT organizations can plug the hole in their encryption armor.

DevOps and Change Management

One strategic line of defense that can be laid out against Heartbleed is the collaboration between development and operations teams known as DevOps. In principle, this union relies on speedy deployment of software changes and continuous integration. Another defensive maneuver centers upon change and release management. This, again, requires the speedy processing of information to operations.

Configurations Management and Communications

Configuration management deals with relationships and dependencies in the IT landscape. The maintenance of CMDB is integral to this approach. A bonafide inventory solution should be implemented to answer the relevant questions, making the CMDB integration ideal. Lastly, communication is key. In a crisis situation, everyone involved needs to minimize the chaos by establishing IT as a reliable partner.

Read the full article at: https://servicemanagers.org/consequences-from-heartbleed-for-itsm/

About Eric Anderson

Eric Anderson is a staff writer for CAI's Accelerating IT Success. He is an intern at Computer Aid Inc., pursuing his master's degree in communications at Penn State University.

Check Also

Have You Sold Your Leaders on Asset Management?

In tough economic climates, companies are looking for ways to streamline their processes in addition …

Leave a Reply

Your email address will not be published. Required fields are marked *