Written By Alan Zeichick And Presented By Chuck Leaver
SysSecOps. That’s a neologism, still unseen by many IT and security administrators – but it’s being discussed within the market, by analysts, and at technical conferences. SysSecOps, or Systems & Security Operations, refers to the practice of combining security teams and IT operations teams to be able to make sure the health of business technology – and having the tools to be able to react most effectively when issues happen.
SysSecOps focuses on taking down the info walls, interrupting the silos, that get between security groups and IT administrators.
IT operations personnel are there to guarantee that end-users can access applications, and also vital infrastructure is running 24 × 7. They wish to optimize access and availability, and need the data required to do that task – like that a new employee needs to be provisioned, or a hard disk drive in a RAID array has actually failed, that a new partner needs to be provisioned with access to a secure document repository, or that an Oracle database is ready to be moved to the cloud. It’s all about innovation to drive business.
Very Same Data, Various Use-Cases
While the use of endpoint and network monitoring details and analytics are clearly customized to fit the disparate requirements of IT and security, it ends up that the underlying raw data is in fact the exact same. The IT and security teams merely are looking at their own domain’s problems and scenarios – and doing something about it based on those use-cases.
Yet sometimes the IT and security teams need to collaborate. Like provisioning that brand-new company partner: It needs to touch all the ideal systems, and be done securely. Or if there is an issue with a remote endpoint, such as a mobile device or a mechanism on the Industrial Internet of Things, IT and security may need to interact to identify exactly what’s going on. When IT and security share the very same data sources, and have access to the same tools, this job becomes a lot easier – and thus SysSecOps.
Envision that an IT administrator identifies that a server disk drive is nearing full capacity – and this was not anticipated. Maybe the network had been breached, and the server is now being used to steam pirated motion pictures across the Internet. It occurs, and finding and fixing that issue is a job for both IT and security. The data collected by endpoint instrumentation, and displayed through a SysSecOps-ready tracking platform, can help both sides working together more efficiently than would happen with conventional, distinct, IT and security tools.
SysSecOps: It’s a brand-new term, and a new principle, and it’s resonating with both IT and security groups. You can discover more about this in a short nine minute video, where I talk with several market specialists about this topic: “Exactly what is SysSecOps?”