Written By Alan Zeichick And Presented By Chuck Leaver
SysSecOps. That’s a new term, still unseen by numerous IT and security administrators – however it’s being discussed within the market, by experts, and at technical conferences. SysSecOps, or Systems & Security Operations, refers to the practice of uniting security teams and IT operations teams to be able to ensure the health of business technology – and having the tools to be able to react most successfully when issues take place.
SysSecOps concentrates on taking down the information walls, interfering with the silos, that get between security teams and IT administrators.
IT operations staff exist to make sure that end users can access applications, and also important infrastructure is operating at all times. They want to optimize access and availability, and require the data required to do that job – like that a new worker must be provisioned, or a hard disk in a RAID array has actually stopped working, that a new partner needs to be provisioned with access to a secure file repository, or that an Oracle database is ready to be migrated to the cloud. It’s all about innovation to drive business.
Same Data, Different Use-Cases
While using endpoint and network monitoring info and analytics are clearly customized to fit the disparate requirements of IT and security, it ends up that the underlying raw data is actually the same. The IT and security groups just are taking a look at their own domain’s problems and circumstances – and acting based on those use-cases.
Yet often the IT and security teams need to collaborate. Like provisioning that brand-new business partner: It needs to touch all the right systems, and be done safely. Or if there is an issue with a remote endpoint, such as a mobile phone or a mechanism on the Industrial Internet of Things, IT and security might need to collaborate to determine precisely what’s going on. When IT and security share the exact same data sources, and have access to the very same tools, this task becomes much easier – and thus SysSecOps.
Picture that an IT administrator discovers that a server hard disk is nearing full capacity – and this was not expected. Perhaps the network had actually been breached, and the server is now being utilized to steam pirated motion pictures across the Internet. It occurs, and finding and fixing that problem is a job for both IT and security. The data gathered by endpoint instrumentation, and showed through a SysSecOps-ready monitoring platform, can assist both sides working together more efficiently than would occur with traditional, distinct, IT and security tools.
SysSecOps: It’s a brand-new term, and a brand-new principle, and it’s resonating with both IT and security groups. You can find out more about this in a brief nine-minute video, where I speak to several market experts about this subject: “What is SysSecOps?”