Cockpit of the new Boeing 787 Dreamliner

Running a complex organization without monitoring is like piloting a Boeing 777 with no instruments in the cockpit.

Yes, it's possible to fly a little Cessna without instruments just by the seat of your pants and looking out of the window.  But your'e in the cockpit of a huge jet with hundreds, if not thousands of people depending on you to make the right decision.

Technology has infiltrated organizations so thoroughly that no-one seriously thinks of going back to the old days. However, many organizations have no idea what's going on with that technology, and how well it is functioning. It is largely unmanaged, because to manage any system, you need good information and that comes from monitoring.  

Monitoring of any system upon which an organization depends is fundamental. At the very least, monitoring of availability and performance is required for Business Continuity.  A well designed monitoring system can quickly identify root causes of operational failures or slowdowns and save precious production time.

Monitoring of all security events is mandated by many federal and state regulations where protected data is involved. Even in unregulated environments, the practice of monitoring security and access logs is common business sense. In either case, it is now standard practice to securely transmit all such logs to an off-site data escrow facility.  This ensures that no tampering of evidence can occur to conceal malicious insider activity.

All monitoring should be partnered with an alerting and reporting system. Some events, such as a simple server failure or a complex hacker access attempt, should trigger immediate alerts to ensure a swift response.  Other events, such as routine Internet access and logon/logoff activity are so voluminous that any type of manual inspection is unthinkable.  These events should be aggregated, normalized and sorted into a database from which reports may be generated.

