OSM News

• New white paper: Managing and monitoring privileged users to get a demonstrable, positive Return on Investment (RoI) using COSduty-SSA v4.0
• OSM release v4.0 of COSduty-SSA
• OSM releases v2.4 of COSbatch
• OSM releases a solution to integrate COSuser with MIIS
• Computer Weekly: "Water company rolls out COSuser user access system to improve IT security"

COSduty Overview

Being responsible for a heterogeneous network of UNIX systems is challenging enough. Combined with the additional problems of managing a team of diverse individuals all of whom have their own expectations and development needs, the task can appear overwhelming.

Experienced staff get bored with the mundane, routine and repetitive system management duties and want to spend their time on the ‘new’ IT projects. Junior team members need guidance and you dare not risk letting them loose on the more sensitive system administration tasks.

You feel confident that some of the more IT-literate department heads are more than capable of adding new-joiners to their system, but only as long as it is done within a secure and reliable process and to a defined policy.

COSduty benefits

• Increases efficiency of system management teams

• Simplifies management of distributed systems

• Enforces policy-driven management

• Increases management control

• Encapsulates knowledge, expertise and best-practice management

Increases efficiency of system management teams

COSduty automates routine operational tasks which has several benefits:

• It saves time

• It frees up resources

• It reduces the possibility of human error by ensuring that operators seldom have to enter commands, but instead run predefined duties

By encapsulating local expertise and complex procedures into one or more duties, COSduty can help to automate many system administration functions.

What can not be automated, can, more often than not, be simplified and delegated.

COSduty enforces role-based security where each user is assigned one or more pre-defined roles. This enables people with similar responsibilities to be grouped into teams.

Members of such ‘teams’ or ‘roles’ can select one of a number of duty views such as view outstanding duties. The individual sees what system management tasks need doing. Through the use of management-by-color, each task or duty is color-coded to indicate its chronological priority – e.g. overdue, almost overdue, due now or due later.

Secure-delegation is a key COSduty concept where a system management task is defined as a duty. The duty, rather than the user of the duty, is then assigned the correct privileges to execute.

COSduty’s secure-delegation feature enables work-by-proxy. A user who, under normal circumstances, would not be privileged or qualified to execute a procedure can, temporarily, be given proxy power to accomplish the task.

The powerful delegation features of COSduty deliver key benefits to a team of system managers:

• A team’s dependence on individual skills is reduced and this minimizes the operational difficulties associated with staff development and turnover

• Converting repetitive and mundane tasks into encapsulated procedures allows experienced staff to concentrate on IT projects that further increase the organization’s competitive advantage

Simplifies management of distributed systems
Duties hide the complexities of an operating system. They are controlled and audited, enabling reliable delegation to less-experienced staff. This enables junior or new staff to be effective immediately with little or no training.

Duties can even be delegated to people whose primary job function is not the provision of IT service. For example, an office administrator at an OSM customer organization, with no system administration experience or knowledge, now manages departmental printers and print jobs, thanks to the deployment of COSduty. This removed the need for the whole department to rely on the local UNIX ‘guru’ to type in obscure lpr commands. Now, the system administrator is able to put her highly-paid skills to better use on new IT projects and the office administrator is now in control and can resolve most, if not all, printing problems. The office administrator is also able to, and does, a daily backup with COSbackup and adds new-joiners to their department with COSadmin.

Enforces policy-driven management
COSduty encourages sound management practices by making it possible to perform the regular operations workload in a way that is efficient, reliable, verifiable, and repeatable. It provides a way of managing and controlling the workload of staff in an open systems environment.

Increases management control
COSduty enforces role-based security where each user is assigned one or more pre-defined roles. Each role is granted a set of access capabilities that allow the running and viewing of duties. Any role can be assigned to any user, effectively grouping people into teams by their role or roles. Duties can be delegated to people or roles (teams). However, the manager or supervisor retains complete control over which tasks are done and when.

System managers define which operational tasks need to be performed, and when, then set-up the appropriate tasks as duties within COSduty. A duty can be any command or series of commands or scripts that could be entered at the command prompt. Instead of granting users access to privileged accounts such as root, system managers define each function as a duty, assign correct privileges to that duty then assign users access to particular duties.

Encapsulates knowledge, expertise and best-practice management
COSduty is a window onto a database of encapsulated knowledge. System management policies, best-practice procedures and knowledge can all be encapsulated into tasks or duties. Once defined, these duties are completed automatically or carried out to a pre-defined schedule. Alternatively, and perhaps more powerfully, these duties can be then delegated to teams of individuals and performed on an ad-hoc basis — allowing the most complex procedures to be encapsulated and reused.

COSduty supports embedded on-line hypertext policy documents. For example looking up a procedure in a defined policy manual on the organization’s intranet could be linked to the actual task within COSduty.

Staff in positions of authority may be empowered to view any combination of duties that best enhances their management perspective. For example, a team supervisor may wish to have a permanent view of all outstanding duties, sorted in priority order.

From a junior member of staff’s perspective, workload views will be restricted to their pre-configured tasks, with each duty being prioritized and color-coded according to its schedule. Junior staff are effectively prompted and reminded of the day’s duties.

The COSduty audit-record provides full details of which duties were performed or skipped, and whether they succeeded or failed. The comprehensive audit-record allows extensive management reporting.

Duties for all systems can be defined and executed from a central system. The duty encapsulates the host or host-class it is to be run on. This enables a network of systems to be controlled from a single point. COSduty ensures that only those procedures appropriate for the remote hosts are available and only to authorized staff.

Privacy

Legal

Contact

Copyright© 2006  Open Systems Management Limited