In IT and server automation it is common to implement ITIL processes and thinking. We believe that this needs to be implemented and become best practice also for embedded devices and OT (operational technology).
We believe that within a very short time frame ITIL thinking will be deployed to OT systems as well because otherwise it is not possible to prevent attacks and outages of those often mission critical systems.
Therefore qbee.io implements an audit system:
Here any configuration change is logged. This includes:
- who did the change
- when was it done
- what was done
- which devices were effected
- was this successful
In addition we also logg information about CVE vulnerabilities and how these were rated. Non-relevant CVE results can be disabled or deleted and this will also be shown here.