Written By Alan Zeichick And Presented By Charles Leaver
SysSecOps. That's a neologism, still unfamiliar to many IT and security administrators, but it's being discussed within the market, by analysts, and at technical conferences. SysSecOps, or Systems & Security Operations, refers to the practice of combining security teams and IT operations groups to ensure the health of business technology, and giving them the tools to respond most efficiently when problems occur.
SysSecOps focuses on taking down the information walls, and breaking up the silos, that stand between security groups and IT administrators.
IT operations personnel exist to ensure that end-users can access applications, and that vital infrastructure is operating 24 × 7. They want to maximize access and availability, and they need the data required to do that job: that a new staff member must be provisioned, that a hard disk drive in a RAID array has stopped working, that a new partner needs to be provisioned with access to a secure document repository, or that an Oracle database is ready to be moved to the cloud. It's all about technology to drive business.
Same Data, Different Use Cases
While the uses of endpoint and network monitoring information and analytics are clearly tailored to fit the different requirements of IT and security, it turns out that the underlying raw data is actually the same. The IT and security groups are simply looking at their own domain's issues and situations, and acting on them based on those use cases.
Yet in some cases the IT and security groups have to work together. Take provisioning that new partner: it needs to touch all the right systems, and be done securely. Or if there is an issue with a remote endpoint, such as a mobile device or a device on the Industrial Internet of Things, IT and security may have to collaborate to determine exactly what's going on. When IT and security share the same data sources, and have access to the same tools, this task becomes a lot easier. Hence SysSecOps.
Imagine that an IT administrator notices that a server hard drive is nearing total capacity, and this was not expected. Perhaps the network has been breached, and the server is now being used to stream pirated movies across the Internet. It happens, and finding and fixing that problem is a job for both IT and security. The data collected by endpoint instrumentation, and displayed through a SysSecOps-ready monitoring platform, can help both sides work together more efficiently than they would with traditional, separate IT and security tools.
SysSecOps: It's a new term, and a brand-new idea, and it's resonating with both IT and security groups. You can find out more about this in a brief 9-minute video, where I speak to several market professionals about this topic: "What is SysSecOps?"