Real-time monitoring and corresponding alerts are critical for maintaining the performance and security of today’s complex cloud infrastructures. Given the exorbitant amount of data effective network monitoring can produce, however, a troublesome problem often occurs: organizations and their Security, Operations and Development teams start to develop a normalization of deviance.
A normalization of deviance is an incremental and gradual erosion of normal procedures, and it can lead to dire consequences. The explosion of the Challenger space shuttle in 1986 is, unfortunately, an infamous example of a normalization of deviance (and the resultant investigation is where Diane Vaughn developed this theory). NASA had been testing the limits of the joints on its solid rocket boosters and found they weren’t behaving as expected. Rather than halting the development process and dealing with the booster errors head on, NASA chose to accept the problem and move forward with the launch. This normalization of deviance led to the Challenger tragedy, as it was later confirmed that the O-ring gaskets on one of the problematic boosters were responsible for the disaster.
The lesson to learn here is that the normalization of deviance stemmed from an organizational failure at NASA at the management level. It’s also a common occurrence amongst fast-growth technology companies and enterprises that are rapidly Scaling their cloud-based infrastructures and adapting their architectures to changing business needs. In these settings, more tools are required to monitor infrastructure as the business grows and evolves and compute needs adapt to keep up. With more tools come more data and alerts, and as a result, operators have to balance the signal-to-noise ratio to ensure their teams can focus on the most important inputs.
With alerts coming in from a variety of different systems and tools, Security, Operations and Development teams can sometimes feel as if they’re at an obnoxiously loud party, with dozens of people having different conversations about different things at the same time. Without a systematic approach to compensate for this chaos, these teams can become desensitized, so that even when the system flags a truly anomalous activity, the alert may get ignored.
Burnout can lead to longer response times, create an unmanageable volume of technical debt, and generally have a negative effect on a company’s workforce. Team members who are struggling to keep up with never-ending alerts can experience anxiety, sleep deprivation, cognitive impairment and even increased blood pressure or headaches. A normalization of deviance and resulting burnout can also lead to a lack of interest in solving problems or helping customers, and as a result, negatively impact company culture.
A helpful way to determine if there’s a normalization of deviance in your own company is to watch how existing team members interact with new hires. When a new hire asks about an incoming alert, does your team brush it off and dismiss the problem as nothing to worry about? If so, your team has likely developed the habit of accepting bad practices as normal. This happens. It’s not a reason to upend everything, but a signal that leaders need to discover early and begin corrective action.
Chef CTO Adam Jacobs directly addressed burnout at the 2016 ChefCon: “We should make a conscious and intentional choice to build the future we want to be a part of, with our technology and culture.”
The most effective and long-lasting way to prevent a normalization of deviance from permeating your company and Security, Operations and Development teams is simply to communicate more and ensure those teams are empowered to enact change in their tools and process where needed. The fatigue and numbness that can result from a normalization of deviance is usually easier to spot in others than in ourselves, so be on the lookout for team members who may be struggling. Have burnout and personal health be a regular topic of discussion in one-on-one meetings, and make sure everyone is transparent about how current business goals or customer demands are physically and mentally affecting different teams. Perhaps most importantly, recognize that combating the normalization of deviance requires continuous effort. It’s not a task you can check off and then ignore.
Fast-growth technology companies and their Security, Operations and Development teams are all focused on moving at warp speed, building new cloud-based features and making sure complex platforms scale. But it’s equally important to prioritize building a culture of communication, honesty and improvement in order to catch and prevent a normalization of deviance before it sets in. This negative behavior pattern needs to be addressed, not tolerated, to ensure your company’s security defenses remain ahead of any adversaries’ offensive maneuvers.
By Chris Gervais
