Written By Alan Zeichick And Presented By Charles Leaver
SysSecOps. That’s a new phrase, still not known by many IT and security administrators – but it’s being discussed within the industry, by experts, and at technical conferences. SysSecOps, or Systems & Security Operations, describes the practice of uniting security groups and IT operations groups to ensure the health of enterprise technology – and having the tools to react most effectively when issues happen.
SysSecOps focuses on taking apart the information walls, and breaking up the silos, that stand between security groups and IT administrators.
IT operations staff are there to guarantee that end-users can access applications, and that important infrastructure is operating at all times. They want to maximize access and availability, and need the data required to do that job – for example, that a new worker needs to be provisioned, that a hard disk drive in a RAID array has failed, that a new partner has to be provisioned with access to a secure file repository, or that an Oracle database is ready to be moved to the cloud. It’s all about innovation to drive the business.
Same Data, Various Use-Cases
While the uses of endpoint and network monitoring information and analytics are plainly tailored to fit the diverse requirements of IT and security, it turns out that the underlying raw data is really the same. The IT and security teams are simply looking at their own domain’s issues and circumstances – and acting on them based upon those use-cases.
Yet sometimes the IT and security teams need to interact. Take provisioning that new business partner: it needs to touch all the right systems, and be done securely. Or if there is an issue with a remote endpoint, such as a mobile phone or a device on the Industrial Internet of Things, IT and security might need to work together to figure out exactly what’s going on. When IT and security share the very same data sources, and have access to the same tools, this task becomes a lot easier – hence SysSecOps.
Imagine that an IT administrator finds that a server hard disk is nearing full capacity – and this was not expected. Perhaps the network has been breached, and the server is now being used to stream pirated films across the Internet. It happens, and finding and fixing that issue is a job for both IT and security. The data collected by endpoint instrumentation, and displayed through a SysSecOps-ready tracking platform, can help both sides work together more effectively than they would with conventional, separate IT and security tools.
SysSecOps: It’s a new term, and a brand-new idea, and it’s resonating with both IT and security teams. You can discover more about this in a short nine-minute video, where I speak to several market experts about this topic: “What is SysSecOps?”