Why your Cybersecurity strategy needs DevOps

By Ryan Riggs,  Vice President of Operations, IP Services

A chain is only as strong as its weakest link

In the past few years, leaders have accepted that the human error is the biggest security risk to an organization, and organizations have responded with valuable policies and programs such as security awareness training and multi-factor authentication.

Necessary, but not sufficient. Organizations must continue implementing more robust security measures, expanding focus to include automated detection and rollback.

Due to the special role of IT staff in an organization, being able to make changes to infrastructure that potentially have grave security consequences, further audit and verification that these changes are performed correctly are necessary. For years, organizations have done this within the ITIL framework with manual or partially automated verification. This process has serious drawbacks. It’s expensive, inefficient, and doesn’t always provide oversight commensurate with the risk of the change.

Auditing and SIEM tools provide valuable protection and insight, but when a human must review the results, consider the best path, and apply the appropriate configuration changes, then you aren’t reacting fast enough in today’s threat environment.

Enter DevOps

Orchestration and integrity systems provide centralized management for detecting and verification of configuration of systems, but also audit and automated rollback features across heterogeneous environments

Implementing an automated approach to rollback unauthorized changes minimizes the exposure of both unauthorized changes by authorized staff and mistakes.

For both ITSM and ITSD, I have a far greater degree of confidence in the integrity of the systems we manage, and that the risk of human error has been minimized as necessary changes are made to systems.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s