Mind the Gap Between Security and IT Operations

February 12, 2019 - Mehul Revankar

Imagine taking a job as the manager of a pro baseball team and then learning that winning the World Series is the only acceptable outcome at the end of your first season. Not easy for sure. But what if you were required to field a baseball team comprised of only hockey and football players? Nearly impossible. What about security and IT operations?

Chief information security officers and IT executives working to protect digital business from cybersecurity threats are often faced with a task just as daunting. Is it possible to create a truly collaborative and efficient SecOps team? No doubt getting your security and IT operations teams on the same page can be a challenge.

Whether managing a baseball team or an IT team, you need to figure out a way for your team to play to their strengths, use the same vernacular, prioritize, strategize, use the right tools, and most importantly…win.

IT Collaboration

At SaltStack we’ve lived through the emergence of DevOps and have helped our customers’ development and operations teams more efficiently and effectively get code into production. At the end of the day DevOps is all about better collaboration and communication, and SaltStack intelligent automation can contribute to helping DevOps teams work better together.

We now see the emergence of SecOps as a priority in IT collaboration. IT teams are putting a substantial focus on an integrated, holistic approach to the security of their digital infrastructures. Effective SecOps is no longer a “nice to have,” it is essential to the success of your company. But easier said than done.

In this post I’ll explain how SecOps teams can coordinate to more effectively protect their companies and their company’s customers.

The SecOps Problem

The result would be chaos and failure if this baseball coach simply said to a roster of hockey and football players, “go play.” It would be the Birmingham Barons with nine Michael Jordans instead of just one.

And yet if you’ve worked in an enterprise IT organization you can see similar challenges almost every day. IT operations and security teams are very different, but at a high level they both work to create a highly available digital infrastructure that’s secure and compliant with regulatory standards.

The IT operations team’s goal is to make sure all systems are running and functional at all times. Any outages or updates are planned weeks if not months in advance.

The security team works to ensure all infrastructure is secure, patched, and compliant with regulatory standards such as PCI, HIPAA, and 800-53. They must react quickly to security threats such as Spectre or WannaCry and assess how the threat might impact business. Rapid response is essential and planning in urgent situations often takes a back seat to expediency.

One of the key challenges to increased collaboration between the security and IT operations teams is a lack of shared processes, tools, and priorities.

It’s common to see security teams run a weekly scan with one tool, export the report with a list of compliance violations, vulnerabilities, and configuration issues into a massive Excel sheet, then hand it off to the IT operations team to fix without any context or a sense of prioritization.It’s also common for the operations team to take action against issues using completely different tools and work off different objectives than the security team. Too often the result is low-priority issues get addressed first while SEV-1 issues fall through the cracks.

The SecOps Opportunity

At SaltConf18 SaltStack announced plans to build SaltStack SecOps, a new security product based on the SaltStack intelligent IT automation platform. At SaltStack, we feel there isn’t a more useful application of configuration management than for systems security and hardening.

SaltStack SecOps is designed to help security and IT operations organizations play on the same team, on the same field, and with the same rules.

SaltStack SecOps not only assesses compliance violations, configuration issues, and security vulnerabilities, but can also be used to remediate at scale across multi-cloud, on-premises, and even containerized digital business infrastructure. This software product is unique in uniting IT operations and security teams so they can collaborate successfully and get the work of SecOps done quickly and effectively.

One of the most important things SaltStack SecOps does is take a policy-driven approach to security. As long as you can define a policy, SaltStack SecOps will ensure your infrastructure adheres to it.

Get Access to the SaltStack SecOps public beta

SaltStack has been used for years to automate the management of the world’s biggest and most complex digital infrastructures. Our roots run deep in systems management and in orchestrating the enforcement of system configuration compliance at massive scale. Now we’re making it easier than ever for SecOps teams to work together to secure digital infrastructure.

Today we are very happy to announce the opening of the SaltStack SecOps public beta.

We’ve already experienced substantial demand for access to the private beta, and while we won’t be able to provide access to all applicants we are anxious to get SaltStack SecOps in the hands of IT pros who will are willing test the beta, provide feedback, and help us deliver an awesome product.

Fill out this application to request access to the SaltStack SecOps beta.

Learn more about SaltStack SecOps

SaltStack SecOps is designed to help security and IT operations teams more effectively protect digital business through secure configuration enforcement and compliance. Read the SaltStack SecOps white paper if you would like to learn more, or attend the upcoming SaltStack webinar titled, “SaltStack SecOps for Automated IT Systems Compliance and Security Remediation.”

Or if you are attending RSA Conference 2019 next month, make sure to stop by our booth for a SaltStack SecOps demo and the latest SaltStack swag. We are in booth 3105 which is located in the corridor between the north and south expo halls.

If you would like a complimentary RSA Conference 2019 Expo Plus pass, please visit the SaltStack event page for RSA for the registration link and discount code.