How Uniting Security and Operations Makes for a Happy, Mission-Benefiting IT “Family”
Happy holidays, right everybody?
It’s the time of year, after all, when extended families gather to celebrate the season with warm embraces and holiday cheer – up until the moment when we realize that, while we love each other, we don’t really enjoy being in the same room together for very long.
Because “you can’t pick your family,” intense personal dynamics can lead to tension and even hostilities. Sometimes, a heated argument will emerge during a debate about sports or (especially now) politics. Long-simmering resentments over perceived slights from decades ago play a role, as does an excessive competitive element as we “compare notes” over whose house is bigger, whose car is nicer and whose kids are smarter.
Modern organizations can be like this, particularly when it comes to their IT systems management and security operations teams. Indeed, as they one-up each other as to which performs the most critical functions – and which “does it better” – these two teams often act like estranged siblings.
It doesn’t have to be this way. Instead of perceiving of the two as “at odds,” think of them as we do the human mind: The right side of the brain is the “liberal arts major,” seeking to dazzle the world with its command of creativity and the arts. The left side is “the practical, serious one,” immersed in all things logical, including science and mathematics. If we only had one half, we’d accomplish so much less. But with both sides thriving within a single, brilliantly aligned interface, we are ready to tackle just about anything.
At the moment, IT systems management and security operations remain extremely fragmented – to the point where many businesses which contract out this work will hire two different companies to do it. Even if both functions are staffed in-house, the two teams typically rely upon completely different tools and programs. What’s more, they’re frequently based in different locations. And, alas, they’re focused on different goals and strategies.
The upshot: They can’t benefit from each others’ insights, and their competing priorities clash. If the network suddenly slows to a crawl, for example, security may blame operations, citing buggy software or aging infrastructure. Obviously, this could lead to counter finger-pointing and continued infighting.
If the two were aligned – unified by a “single pane of glass” vision and a set of common tools – they could come to a shared conclusion. In a scenario that’s quite relevant these days, they’d recognize that an ongoing cyber attack was behind the network disruption. Together, they’d raise enterprise-wide visibility and quickly diagnose the issue, to more readily and effectively respond. In the case of an advanced persistent threat which has avoided detection from security, the input of data from operations in real-time can help pinpoint the troubled area(s) and expedite mitigation before the exfiltration of massive amounts of proprietary and/or sensitive information occurs.
That’s just one hypothetical but very real situation. Here are three additional ways that companies build value by bringing together operations and security teams:
The teams tackle shadow IT together.
The increase of shadow IT – employees and/or business departments acquiring and deploying tech solutions on their own, without approval from IT – is raising considerable concerns about security, for good reason. Nearly 72 percent of IT managers and executives do not know the number of shadow IT apps in use within their organizations, according to research from the Cloud Security Alliance (CSA). Whether it’s unauthorized software running on official systems or a smartphone plugged into the network, hackers take full advantage by exploiting subsequent vulnerabilities. But when security teams have systems information at their fingertips, they swiftly check and identify introduced programs, devices, etc. as either authorized or shadow – then respond in the best interest of their organization.
They combine workstation and server monitoring.
There are solutions that monitor workstations. There are those which monitor servers. Rarely does one monitor the two together. Yet, systems teams are responsible for tracking both. Through security operations-provided tools, systems management integrates workstations and servers for optimal monitoring at all ends of the spectrum, further advancing situational awareness.
They alleviate conflict while enhancing collaboration on better best practices.
As the famous 1970s song title asked, “Why Can’t We Be Friends?” Maybe it’s because systems and security pros work pretty darn hard, all the time. So tempers flare when the network goes MIA or a hacker steals data, especially when the two sides don’t perform as a singular unit. Too frazzled and frustrated for niceties, they rush to judgment to foster an “us against them” environment. With total alignment, however, counterproductive conflict gives way to mission-benefiting communications. Operations and security teams collaborate, for instance, upon their daily needs and challenges, and then develop best practices to address them. Then, they combine resources to educate users, helping them understand the consequences of shadow IT and other potentially harmful actions. They illustrate how certain user-introduced technologies create burdens for operations and security – and how that simply hurts business, for everyone.
Like family members, operations and security teams usually can’t “pick” each other. Their respective hiring managers make those calls. But every, single member of the teams have chosen to work for the same company, which means they can come together to support shared organizational strategies. With a unified, fully integrated vision of systems, apps, devices, etc. and common tools to monitor and oversee it all, they’ll get the most out of each others’ strengths. This will inspire much “cheer,” during the holidays – and beyond.