If you think that your infrastructure is fully optimized and operating at peak efficiency, you might want to check again. A recent research study conducted by Stanford University and Anthesis Group researchers has found that 30% of virtual servers (all of them) and one-quarter of physical servers are zombies having had no activity in the preceding six months. That’s a lot of wasted power, license, and infrastructure expense – and a lot of opportunity for vulnerability. These zombie servers are often just forgotten about, not intentionally left to sit, so they aren’t patched or maintained as they should be, yet are still connected to the network.
How to Avoid the Zombie Takeover
Keep the zombie servers at bay with strict documentation and change control. It’s easy to spin up a VM, provision extra capacity to handle increases in demand, or to simply lose track of what the server’s function is when someone leaves the company or responsibilities shift. IT must make it a priority to document all network connections and perform regular audits to identify and decommission abandoned servers.
As mentioned above, the threat to the organization is more than monetary, especially for those organizations in regulated industries. Even when a server isn’t being used, it is still connected to the network with the potential to be compromised and provide a gateway to your highly sensitive data. The push for this must come from the top, down. Service is essential, but optimal utilization is imperative for IT to successfully support the business.