IT service management has to deal with everything from recalcitrant printers to potential network security breaches – sometimes within minutes of one another. But while even the most proactive IT service desk is used to responding to incidents, incident overload can lead to overlooking the occasional important event.
Fortunately, many IT service desks implement automatic alerts so appropriate personnel are notified when something is amiss. For example, some IT service desk packages can issue alerts whenever new software is installed on a network machine. That way if someone has downloaded an app without authorization, the IT service desk knows about it and can take appropriate action to protect network security.
What Is Alert Fatigue?
The problem is, when alerts happen frequently, it’s easy for IT service desk workers to give only passing attention to them, raising the possibility of missing something that really does need attention. This is known as “alert fatigue” and it happens in a lot of industries. In healthcare, for example, alert fatigue happens when alerts about, say, possible drug interactions overwhelm providers, who may start to tune them out.
Major data breaches often trigger alerts that go directly to frontline IT service desk workers, but if alert fatigue is too entrenched, nobody may act, and the results can be disastrous. A large IT organization can get up to 150,000 alerts per day, the majority of which turn out to be nothing serious. But what about those alerts that indicate a real problem? It’s simply not reasonable to have the service desk sort through massive numbers of alerts to separate legitimate threats from minor problems. There would be no time left over for good IT service management.
How Can You Prevent Alert Fatigue?
With alert fatigue, prevention is better than cure. Before alert fatigue can become a problem, your IT service desk should establish clear rules about which alerts reach a level of seriousness that requires immediate review. All IT service desk workers should understand these rules and what to do if they receive an escalated alert. It’s also smart to make a policy about proactive communication in the event of a serious threat. Sometimes, a single event can cause multiple alerts – from end-users, partners, or other IT workers. Having a rule that a designated person keeps everyone informed about the status of the event can help limit the number of secondary alerts that result from an incident.
Defining the Escalation Process
How your organization defines its escalation process depends on several factors, like the size of the organization and the size of the IT team. In a small business with a small IT service desk, evaluating tickets on a case-by-case basis can work just fine. But in larger organizations, specific rules and trigger processes may need to be established for escalation to prevent confusion and duplication of effort. Escalation rules should correlate with how many layers of tech support your IT service management program has, and each support layer’s capabilities.
Some organizations use SLAs in the escalation process. For example, if an alert comes in and goes for a certain period of time without being acknowledged or acted upon, the SLA may specify that it is automatically escalated, or that an email is sent out to an appropriate responder. If your IT service desk software lets you define scope for SLA rules, you can define “high priority” alerts and create a rule that specifies what action to take should one be received.
Ultimately It Comes Down to the People on Your IT Service Desk
Ultimately, however, you can have the most airtight escalation rules and the best alert system and still miss a major problem if your team doesn’t practice good communication and make the effort to stay on top of alerts. Knowing how to manage alerts properly should be part of your team’s IT service management training, and team members should know that you understand about alert fatigue and want to prevent it. Provide your IT service desk with powerful, efficient tools, and they’re less likely to spend time on inefficient processes that can lead them to ignore other things, like alerts on their dashboards.