Not just scanning, or how to build a vulnerability management process in 9 steps

On July 4 we held a large workshop on vulnerability management. Today we are publishing the transcript of the talk by Andrey Novikov from Qualys. He will tell you which steps you need to go through to build a vulnerability management process. Spoiler: we will only get to scanning around the halfway point.


Step #1: Determine the maturity level of your vulnerability management processes

At the very beginning, you need to understand what level your organization is at in terms of the maturity of its vulnerability management processes. Only after that will you be able to understand where you are heading and which steps need to be taken. Before starting scans and other activities, organizations need to do internal work to understand how their current processes are structured from an IT and information security point of view.

Try to answer the basic questions:

  • Do you have processes for asset inventory and classification?
  • Is the IT infrastructure scanned regularly, is the whole infrastructure covered, and do you see the whole picture?
  • Are your IT resources monitored?
  • Are any KPIs implemented in your processes, and how do you know whether they are being met?
  • Are all these processes documented?


Step #2: Ensure full infrastructure coverage

You cannot protect what you do not know about. If you do not have a complete picture of what your IT infrastructure consists of, you will not be able to protect it. Modern infrastructures are complex and constantly changing in both quantity and quality.
The IT infrastructure is now based not only on a stack of classic technologies (workstations, servers, virtual machines), but also on containers and microservices. The information security service avoids the latter in every possible way, because it is very difficult for it to work with them using the existing toolset, which consists mostly of scanners. The problem is that no scanner can cover the entire infrastructure. For a scanner to reach any node in the infrastructure, several things must coincide. The asset must be inside the organization's perimeter at the time of the scan. The scanner must have network access to the assets and to their accounts in order to collect complete information.

According to our statistics, in medium-sized and large organizations about 15-20% of the infrastructure is not captured by the scanner for one reason or another: the asset has moved outside the perimeter or never appears in the office at all. For example, the laptop of an employee who works remotely but still has access to the corporate network, or an asset located in external cloud services such as Amazon. The scanner most likely knows nothing about these assets, because they are outside its zone of visibility.

To cover the entire infrastructure, you need to use not only scanners but a whole set of sensors, including passive traffic-listening technology that detects new devices in your infrastructure, and an agent-based data collection method that lets you receive data online, without the need for scanning and without exposing credentials.
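
An added example, not from the talk or from Qualys: one way to measure the coverage gap described above by merging sightings from scanners, agents, passive traffic sensors and cloud inventories. The source names, asset ids, dates and the 30-day staleness threshold are constructed assumptions.

```python
from datetime import date

MAX_SCAN_AGE_DAYS = 30   # assumed policy: older scan results count as "not covered"

# Constructed sightings: (source, asset id, last seen). Source names are assumptions.
SIGHTINGS = [
    ("scanner", "srv-web-01",  date(2024, 6, 28)),
    ("scanner", "ws-0042",     date(2024, 3, 2)),   # stale scan result
    ("agent",   "ws-0042",     date(2024, 7, 1)),
    ("agent",   "lt-remote-7", date(2024, 7, 1)),   # remote laptop, never in the office
    ("passive", "printer-3f",  date(2024, 6, 30)),  # found by traffic listening only
    ("cloud",   "vm-ext-11",   date(2024, 7, 1)),   # external cloud instance
    ("scanner", "SRV-DB-02 ",  date(2024, 6, 30)),  # same host, different spelling
    ("agent",   "srv-db-02",   date(2024, 7, 1)),
]

def normalize(asset_id: str) -> str:
    """Sources spell the same host differently; compare on a canonical form."""
    return asset_id.strip().lower()

def coverage_report(sightings, today, max_age=MAX_SCAN_AGE_DAYS):
    """Merge all sensors into one inventory and measure what the scanner misses."""
    inventory = {}   # asset -> {source: most recent sighting}
    for source, asset_id, seen in sightings:
        per_source = inventory.setdefault(normalize(asset_id), {})
        per_source[source] = max(seen, per_source.get(source, seen))
    gaps = {}
    for asset, per_source in inventory.items():
        scanned = per_source.get("scanner")
        if scanned is None:
            gaps[asset] = "never scanned; seen by " + ",".join(sorted(per_source))
        elif (today - scanned).days > max_age:
            gaps[asset] = f"scan is {(today - scanned).days} days old"
    covered = len(inventory) - len(gaps)
    return {
        "assets": len(inventory),
        "scanner_coverage": round(covered / len(inventory), 2),
        "gaps": gaps,
    }

if __name__ == "__main__":
    report = coverage_report(SIGHTINGS, today=date(2024, 7, 4))
    print(report["assets"], "assets, scanner coverage", report["scanner_coverage"])
    for asset, reason in sorted(report["gaps"].items()):
        print(f"  {asset}: {reason}")
```
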


Step #3: Classify assets

Not all assets are created equal. It is your job to determine which assets are important and which are not. No tool, such as a scanner, will do this for you. Ideally, information security, IT and the business work together to analyze the infrastructure and identify business-critical systems. For these, they define acceptable metrics for availability, integrity, confidentiality, RTO/RPO, etc.

This will help you prioritize your vulnerability management process. When your specialists receive vulnerability data, it will not be a sheet with thousands of vulnerabilities across the whole infrastructure, but granular information that takes the criticality of the systems into account.


Step #4: Assess the infrastructure

Only at the fourth step do we get to assessing the infrastructure from a vulnerability standpoint. At this stage, we recommend that you pay attention not only to software vulnerabilities but also to configuration errors, which can also be a vulnerability. Here we recommend the agent-based method of collecting information. Scanners can and should be used to assess perimeter security. If you use resources from cloud providers, you also need to collect information on assets and configurations from there. Pay special attention to analyzing vulnerabilities in infrastructures that use Docker containers.


Step #5: Set up reporting

This is one of the important elements of the vulnerability management process.
First point: nobody will work with multi-page reports containing an unsorted list of vulnerabilities and descriptions of how to eliminate them. First of all, you need to talk to your colleagues and find out what should be in the report and how it is most convenient for them to receive the data. For example, one administrator does not need a detailed description of the vulnerability and only needs information about the patch and a link to it. Another specialist cares only about vulnerabilities found in the network infrastructure.

Second point: by reporting I do not mean only paper reports. That is an outdated format for receiving information and a static story. A person receives a report and cannot in any way influence how the data will be presented in it. To get the report in the desired form, the IT specialist has to contact the information security specialist and ask them to rebuild the report. As time passes, new vulnerabilities appear. Instead of pushing reports from department to department, specialists in both areas should be able to view the data online and see the same picture. That is why in our platform we use dynamic reports in the form of customizable dashboards.


Step #6: Prioritize

Here you can do the following:

1. Create a repository with golden images of systems. Work with golden images, checking them for vulnerabilities and correct configuration on an ongoing basis. This can be done with the help of agents that automatically report the appearance of a new asset and provide information about its vulnerabilities.

2. Focus on those assets that are critical to the business. No organization in the world can eliminate all vulnerabilities at once. The process of eliminating vulnerabilities is long and even tedious.

3. Reduce the attack surface. Clean your infrastructure of unnecessary software and services, and close unnecessary ports. We recently had a case with one company where about 40 thousand vulnerabilities related to an old version of the Mozilla browser were found on 100 thousand devices. As it turned out later, Mozilla had been introduced into the golden image many years ago; nobody uses it, but it is the source of a large number of vulnerabilities. When the browser was removed from the computers (it was even on some servers), these tens of thousands of vulnerabilities disappeared.

4. Rank vulnerabilities based on threat intelligence. Consider not only the criticality of the vulnerability, but also the presence of a public exploit, malware, a patch, or external access to the system with the vulnerability. Assess the impact of this vulnerability on critical business systems: can it lead to data loss, denial of service, etc.
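
An added example, not from the talk or from Qualys: a ranking that combines the signals listed in item 4 (public exploit, malware, patch, external access) with the asset classification from step 3. The weights, asset names and finding ids are constructed assumptions.

```python
from dataclasses import dataclass

# Assumed weights (not from the talk): agree on them with IT and the business.
ASSET_WEIGHT = {"critical": 1.0, "important": 0.6, "low": 0.3}
EXPLOIT_BONUS = 0.5      # a public exploit exists
MALWARE_BONUS = 0.5      # known malware uses the vulnerability
EXPOSED_BONUS = 0.4      # the vulnerable system is reachable from outside

@dataclass
class Finding:
    asset: str
    vuln_id: str            # constructed placeholder ids, not real CVEs
    severity: float         # scanner severity on a 0-10 scale
    public_exploit: bool = False
    malware: bool = False
    patch_available: bool = False
    external_access: bool = False

def risk_score(f: Finding, asset_class: dict) -> float:
    """Severity scaled by threat-intelligence signals and asset criticality."""
    threat = 1.0
    threat += EXPLOIT_BONUS if f.public_exploit else 0.0
    threat += MALWARE_BONUS if f.malware else 0.0
    threat += EXPOSED_BONUS if f.external_access else 0.0
    # Unclassified assets are treated as critical so they cannot hide at the bottom.
    weight = ASSET_WEIGHT[asset_class.get(f.asset, "critical")]
    return round(f.severity * threat * weight, 2)

def prioritize(findings, asset_class):
    """Return (score, action, finding) tuples, highest risk first."""
    ranked = []
    for f in findings:
        action = "patch" if f.patch_available else "mitigate"
        ranked.append((risk_score(f, asset_class), action, f))
    # Ties: findings that already have a patch come first, then a stable id order.
    return sorted(ranked, key=lambda r: (-r[0], r[1] != "patch", r[2].vuln_id))

# Constructed sample data.
ASSETS = {"billing-db": "critical", "test-vm": "low", "hr-portal": "important"}
FINDINGS = [
    Finding("test-vm", "VULN-A", 9.8, patch_available=True),
    Finding("billing-db", "VULN-B", 6.5, public_exploit=True, external_access=True),
    Finding("hr-portal", "VULN-C", 7.5, malware=True, patch_available=True),
    Finding("new-laptop", "VULN-D", 5.0),   # asset missing from the classification
]

if __name__ == "__main__":
    for score, action, f in prioritize(FINDINGS, ASSETS):
        print(f"{score:6.2f}  {action:8}  {f.asset:12} {f.vuln_id}")
```

With this sample data the 9.8-severity finding on the low-value test VM ends up last, behind a 6.5-severity finding that has a public exploit on an externally reachable critical system.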


Step #7: Agree on KPIs

Do not scan for the sake of scanning. If nothing happens to the vulnerabilities that are found, the scanning turns into a useless operation. To keep vulnerability work from becoming a formality, think about how you will evaluate its results. Information security and IT must agree on how the vulnerability remediation work will be organized, how often scans will be performed, patches installed, etc.
On the slide you see examples of possible KPIs. There is also an extended list that we recommend to our customers. If you are interested, please contact me and I will share this information with you.


Step #8: Automate

Back to scanning again. At Qualys, we believe that scanning is the least important thing that can happen in the vulnerability management process today, and that first of all it needs to be automated as much as possible so that it runs without the involvement of an information security specialist. Today there are many tools that allow you to do this. It is enough that they have an open API and the required number of connectors.

The example I like to give is DevOps. If you deploy a vulnerability scanner there, you can simply forget about DevOps. With old technology, which is what a classic scanner is, you simply will not be let into these processes. Developers will not wait for you to scan and hand them a multi-page, inconvenient report. Developers expect vulnerability information to arrive in their code build systems in the form of bug information. Security must be built seamlessly into these processes, and it must be just a function that is called automatically by the system your developers use.


Step #9: Focus on the essentials

Focus on what brings real value to your company. Scans can be automated, and reports can be sent automatically.
Focus on improving processes to make them more flexible and convenient for everyone involved. Focus on making sure that security is built into all contracts with your counterparties who, for example, develop web applications for you.

If you need more detailed information on how to build a vulnerability management process in your company, please contact me and my colleagues. I will be glad to help.


Source: www.habr.com
