Written By Alan Zeichick And Presented By Chuck Leaver
SysSecOps. That’s a new phrase, still not known by lots of IT and security administrators – but it’s being discussed within the market, by experts, and at technical conferences. SysSecOps, or Systems & Security Operations, refers to the practice of bringing together security teams and IT operations teams to ensure the health of enterprise technology – and having the tools to respond most successfully when issues happen.
SysSecOps focuses on taking down the information walls, the silos, that get between security teams and IT administrators.
IT operations staff exist to ensure that end-users can access applications, and that critical infrastructure is operating 24 × 7. They wish to maximize access and accessibility, and need the data required to do that job – for example, that a brand-new employee needs to be provisioned, that a disk drive in a RAID array has stopped working, that a brand-new partner needs to be provisioned with access to a secure document repository, or that an Oracle database is ready to be migrated to the cloud. It’s all about innovation to drive business.
Exact Same Data, Various Use-Cases
While the use of endpoint and network monitoring details and analytics is clearly customized to fit the diverse requirements of IT and security, it turns out that the underlying raw data is in fact the same. The IT and security teams are just looking at their own domain’s problems and situations – and taking actions based upon those use-cases.
Yet often the IT and security teams need to collaborate. Take provisioning that new business partner: it should touch all the right systems, and be done securely. Or if there is an issue with a remote endpoint, such as a mobile phone or a device on the Industrial Internet of Things, IT and security may have to work together to determine precisely what’s going on. When IT and security share the same data sources, and have access to the very same tools, this job becomes much easier – and thus SysSecOps.
Imagine that an IT administrator spots that a server hard disk is nearing total capacity – and this was not expected. Maybe the network has been breached, and the server is now being used to stream pirated films across the Web. It happens, and finding and fixing that issue is a task for both IT and security. The data gathered by endpoint instrumentation, and displayed through a SysSecOps-ready tracking platform, can help both sides work together more efficiently than they would with conventional, separate IT and security tools.
SysSecOps: It’s a brand-new term, and a new concept, and it’s resonating with both IT and security groups. You can discover more about this in a short nine-minute video, where I talk with a number of industry professionals about this topic: “Exactly what is SysSecOps?”