In our recent IT and SecOps Collaboration webinar series, we spoke with our extremely talented and super-kind Manager of IT Operations, David Van Heerden. David shared with us some lessons learned since joining the Automox team.
Among his most impactful learnings were those that focused on how IT and SecOps could effectively bridge the gap commonly found between their teams.
In the webinar, David discussed how to prioritize working smarter, not harder, with security to prevent unnecessary exposure to cyber threats. David knows security isn’t a blocker, but rather a company-wide shared IT responsibility.
In this post, we’ll break down three measures that can help your teams bridge the IT and SecOps gap more effectively.
1. Lean on and collaborate with your security team
When David joined Automox, his department consisted only of him and two other IT engineers. The team was very small to start. In contrast to their size, the challenges they faced right off the bat were immense. Knowing this was going to be challenging from the get-go, David and his team started bridging the gap between our IT team and security.
As David stated, “We knew we needed security to get involved. Really, we had no other choice but to lean on their access knowledge and expertise in the environment to better secure IT systems efficiently. Luckily, we had a fairly mature security team to help us leverage their experience to better support the rapid scale of the business and protect its identity.”
Doing this allowed IT and the security team to lean on each other's expertise and collaborate more effectively in the company.
2. Leverage self-service and automated tool solutions
Previously in his career, David found that a lack of security, infrastructure support, and maintenance could ultimately destroy an organization. He knew IT and SecOps initiatives often align to improve the security of the business while both teams also realize that these initiatives need to be managed with less support. That said, he believes most of the damage around these issues is the result of a lack of automation.
Automation creates great opportunities for more security at a lower cost. In the webinar, David advised, “A conservative approach doesn't enable us to push forward and elevate the level of service to an organization.”
The goal of implementing more automation for IT is to reduce level-one help desk tasks as much as possible. Also, the goal of using automation to bring IT and security together retrains the organization as a whole to leverage more self-service and automated tools as much as possible. Focusing on the IT tasks that can be automated gives both teams more time and resources to handle risks and threats in a more timely manner.
3. Implement cost-effective automation to create business growth
According to David, it’s a big goal to implement more automation, but all of it should be entirely supported by better-defined processes and procedures that then enable teams to automate those steps and sub-steps within processes and procedures. David states that this implementation saved Automox expenses exponentially and curated more rapid growth so that IT and security could focus on more important tasks within the company.
Automation gives companies the opportunity to do more by actually doing less. When IT and security teams focus on what tasks can be automated and self-serviced, it allows the teams the opportunity to save time and money in the long run. Automation makes it easier for IT and security to work more effectively and business leadership to better budget more appropriately.
In the end, we know fewer obstacles and less tension not only makes for more efficiency, but also leads to a better work environment for all involved. Truth be told, ITOps and SecOps teams have more in common than we sometimes realize.
It’s more fun to work as one – and automation can infuse your day with some stress relief and ease so you can tackle the tasks you enjoy whether your on the IT side or security side of the coin.