Change & Configuration Management White Papers
Read the latest white papers from industry experts New Net Technologies. We provide comprehensive information on IT security and compliance.
The purpose of this overview is not to replace existing best practice approaches to Change Management or in any way attempt to re-write existing sensible ITSM Change Management Process such as the formerly labeled ITIL.
Within any IT estate, the only constant is change.
Change Control has always been a key security best practice. With every change made to IT systems comes a risk of a weakening of security defenses, not to mention operational problems, through misconfigurations. Changes also create ‘noise’ that makes it more difficult to detect a breach when a cyber attack succeeds.
A formalized Change Management process is vital in order to maximize the effectiveness of any change while minimizing potential problems resulting from a configuration change being made. All security and corporate governance policies such as the PCI DSS, SOX, NERC CIP, HIPAA, ISO27K and GCSx CoCo all demand a robust change management process for this reason.