Written By Alan Zeichick And Presented By Charles Leaver
SysSecOps. That’s a new term, still unseen by many IT and security administrators – but it’s being talked about within the industry, by analysts, and at technical conferences. SysSecOps, or Systems & Security Operations, describes the practice of uniting security groups and IT operations teams to guarantee the health of enterprise technology – and having the tools to respond most efficiently when problems occur.
SysSecOps focuses on taking apart the information walls, and disrupting the silos, that stand between security teams and IT administrators.
IT operations staff exist to make sure that end-users can access applications, and that crucial infrastructure is running 24 × 7. They want to maximize access and availability, and they need the data required to do that job – for example, that a new employee must be provisioned, that a disk drive in a RAID array has failed, that a new partner needs to be provisioned with access to a secure file repository, or that an Oracle database is ready to be migrated to the cloud. It’s all about innovation to drive business.
Exact Same Data, Different Use-Cases
While the uses of endpoint and network monitoring information and analytics are clearly tailored to fit the diverse needs of IT and security, it turns out that the underlying raw data is actually the same. The IT and security groups are simply looking at their own domain’s problems and circumstances – and acting based on those use-cases.
Yet in some cases the IT and security groups need to work together. Take provisioning that new service partner: it should touch all the right systems, and be done securely. Or if there is an issue with a remote endpoint, such as a mobile device or a mechanism on the Industrial Internet of Things, IT and security might have to collaborate to identify exactly what’s going on. When IT and security share the same data sources, and have access to the same tools, this job becomes a lot easier – hence SysSecOps.
Imagine that an IT administrator notices that a server hard drive is nearing total capacity – and this was not expected. Possibly the network has been breached, and the server is now being used to stream pirated movies across the Web. It happens, and finding and fixing that issue is a job for both IT and security. The data collected by endpoint instrumentation, and displayed through a SysSecOps-ready tracking platform, can help both sides work together more efficiently than they would with standard, separate IT and security tools.
SysSecOps: It’s a new term, and a brand-new concept, and it’s resonating with both IT and security teams. You can discover more about this in a brief nine-minute video, where I talk to a number of market experts about this topic: “What is SysSecOps?”