Interaction of IT and IS: means of protection
Yaroslav Yasenkov, information security engineer, Development Department of the Production Department of Security Vision
In practice, the goal of achieving information security arises in companies that have reached a certain level of maturity. On the way to that maturity, the volume of information processed grows, and with it the risk of its loss or leakage. Headcount grows as well, and a larger staff means that goals and tasks are divided among different responsible persons. Wherever goals are divided, conflicts inevitably arise; the split between a company's IT and IS departments is no exception.
Such conflicts, if allowed to develop, can harm the efficiency of the enterprise as a whole. It is therefore important to understand the main points of contradiction between the IT and IS departments and to take a number of organizational decisions that minimize these situations and direct the work of specialists in a productive direction.
Problems of interaction
One of the main problems is a lack of mutual understanding between IT and IS specialists. As a rule, the main goal of the IT department is to automate the company's processes and make them more efficient; its priorities are speed, simplicity and low cost. This holds both for an IT department that builds automation for use within the company and for one that delivers it to customers. The IS unit, by contrast, is tasked with reducing information security risks and reaching a state of information security. That state cannot be achieved by quick one-off actions; it requires planned, long-term organizational and technical work. In practice this means, for example, that the IT department strives for the fastest and least restricted availability of information, while the IS department "throws a spanner in the works" at every turn by limiting access to it.
Another problem is a lack of information exchange between the IT and IS units. The IT department does not always provide enough information about new systems, updates or infrastructure changes, which complicates the work of IS specialists. The IS department, in turn, may fail to inform IT adequately about new threats or security requirements, which can leave vulnerabilities in information systems.
Finally, financial constraints can become another point of friction between the IT and IS departments. The IT department may believe that improving security requires additional costs the company cannot accept, while the IS department may feel that IT is not devoting enough resources to security.
Approaches to overcoming problems
The following approaches can be used to overcome problems in the interaction between a company's IT and IS divisions:
Establishing clear communication: channels of communication between the IT and IS departments should be set up to ensure a regular exchange of information and discussion of security issues. Regular meetings should be held to discuss current tasks, problems and plans. This improves mutual understanding of goals and objectives and consistency in work.
Training and professional development: training sessions and seminars should be organized for IT and IS specialists, with the IT and IS divisions taking turns in the role of teacher. This helps improve mutual understanding and reduces conflicts arising from differences in approaches and priorities.
Development of procedures and policies: the company should develop uniform procedures and policies that take into account the needs of both the IT and IS departments. For example, it can create procedures for sharing information about new systems and infrastructure changes, as well as security policies that set out data protection requirements and measures.
Management involvement: company management should be actively involved in resolving conflicts and supporting collaboration between the IT and IS departments, mediating disagreements and making decisions that consider both security needs and operational efficiency.
Allocation of sufficient resources: the company must provide sufficient financial and human resources for information security. This may include hiring information security professionals, purchasing the necessary hardware and software, and conducting security audits and testing.
It should also not be forgotten that the joint use of protection tools by the IT and IS units can bring a number of advantages to both parties and increase the efficiency of work processes.
How the IT department works with protection tools
Information from firewalls, proxies, intrusion detection systems and other tools that monitor network activity and detect anomalies or suspicious behavior helps the IT department better understand the current threat landscape and design and configure the infrastructure in an optimal way.
Vulnerability scanners make it possible to find weak points in the IT infrastructure and quickly obtain recommendations for eliminating them. Code analyzers identify flaws in the software under development at an early stage so that they can be corrected, which optimizes development costs.
Access control tools protect data from unauthorized access and modification. This is especially important for the IT department, which is responsible for storing and processing large volumes of information.
GRC tools improve the efficiency of both the IS and IT units by helping to automate and support the processes of compliance with information security requirements.
SIEM-class systems, whose main function is the analysis and correlation of events, can be used by the IT department to monitor the availability of information systems. When an event source fails or suffers an unplanned outage, the SIEM can notify administrators of the failure. SIEM correlation rules can also help in monitoring information systems, since they can detect various kinds of deviation from the regular flow of events.
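The two rules described above, an event-source silence alert and a deviation from the regular event flow, are easy to express outside any particular product. The following is an added example written for this article, not code from the author or from any SIEM vendor: the event feed, the source inventory and the silence thresholds are all constructed, and a real deployment would take them from the collector and the asset inventory instead.

```python
"""Event-source availability monitoring in the style of two SIEM correlation rules.

Added example, not from the original article. All sample data below is constructed.
"""
from datetime import datetime, timedelta

# Constructed sample feed: (ISO-8601 timestamp, event source). A SIEM would receive
# these from its collectors; they are embedded here so the example runs offline.
SAMPLE_EVENTS = [
    ("2024-03-01T10:00:05", "fw-edge-01"),
    ("2024-03-01T10:00:09", "dc-01"),
    ("2024-03-01T10:01:12", "fw-edge-01"),
    ("2024-03-01T10:01:40", "proxy-01"),
    ("2024-03-01T10:02:03", "fw-edge-01"),
    ("2024-03-01T10:03:15", "dc-01"),
    ("2024-03-01T10:03:55", "fw-edge-01"),
    ("2024-03-01T10:04:50", "fw-edge-01"),
]

# Constructed inventory of sources that are expected to report, with the longest
# silence tolerated for each (a firewall logs constantly, a domain controller less so).
EXPECTED_SOURCES = {
    "fw-edge-01": timedelta(minutes=2),
    "dc-01": timedelta(minutes=5),
    "proxy-01": timedelta(minutes=2),
    "vpn-gw-01": timedelta(minutes=10),  # in inventory but never seen in the feed
}


def last_seen(events):
    """Return {source: datetime of its most recent event}."""
    seen = {}
    for ts, source in events:
        t = datetime.fromisoformat(ts)
        if source not in seen or t > seen[source]:
            seen[source] = t
    return seen


def silent_sources(events, expected, now):
    """Rule 1: flag every expected source whose silence exceeds its own threshold.

    Returns a sorted list of (source, reason). A source that has never reported is
    distinguished from one that stopped, because the follow-up for IT differs
    (never onboarded / misconfigured vs. failed after onboarding).
    """
    seen = last_seen(events)
    findings = []
    for source, max_gap in expected.items():
        if source not in seen:
            findings.append((source, "no events ever received"))
            continue
        gap = now - seen[source]
        if gap > max_gap:
            findings.append((source,
                             f"silent for {int(gap.total_seconds())}s, "
                             f"limit {int(max_gap.total_seconds())}s"))
    return sorted(findings)


def event_rate_drop(events, source, window, now, min_events):
    """Rule 2: True if the source produced fewer than min_events in the trailing window.

    A source that is still reporting but far below its usual rate is a deviation
    from the regular flow that a pure silence check would miss.
    """
    start = now - window
    count = sum(1 for ts, s in events
                if s == source and start <= datetime.fromisoformat(ts) <= now)
    return count < min_events


if __name__ == "__main__":
    now = datetime.fromisoformat("2024-03-01T10:06:00")
    for source, reason in silent_sources(SAMPLE_EVENTS, EXPECTED_SOURCES, now):
        print(f"ALERT source {source}: {reason}")
    if event_rate_drop(SAMPLE_EVENTS, "fw-edge-01", timedelta(minutes=5), now, 5):
        print("ALERT fw-edge-01: event rate below expected minimum")
```

Thresholds per source are the important design choice: a single global timeout either floods administrators with alerts from quiet sources or hides real outages of chatty ones, so the inventory should carry the expected cadence of each source.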
Another example of a system that is equally useful to the IT and IS departments is IDM. IDM systems allow user access to various IT resources to be managed centrally and automate access management processes such as creating accounts, changing access rights, and deleting and blocking user accounts. On the one hand, this reduces the time and resources the IT department spends on account management; on the other, it lets the IS department control the processes by which access to information resources is granted and ensure compliance with regulatory requirements.
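The control the IS department gains from an IDM comes down to a reconciliation: compare what HR says about people and roles with the accounts and rights actually present in systems, and flag the differences. The following is an added example written for this article, not code from the author or from any IDM product; the HR roster, the role model, the account extract and the system names are constructed for illustration.

```python
"""Access reconciliation of the kind an IDM automates: HR roster vs. actual accounts.

Added example, not from the original article. All data below is constructed.
"""

# Constructed HR roster: employee id -> (employment status, business role).
HR_ROSTER = {
    "e1001": ("active", "developer"),
    "e1002": ("active", "sysadmin"),
    "e1003": ("terminated", "developer"),
    "e1004": ("active", "accountant"),
}

# Constructed role model: the groups each role is entitled to, per target system.
ROLE_ENTITLEMENTS = {
    "developer": {"ad": {"Domain Users"}, "gitlab": {"developer"}},
    "sysadmin": {"ad": {"Domain Users", "Domain Admins"}, "gitlab": {"maintainer"}},
    "accountant": {"ad": {"Domain Users"}, "erp": {"finance"}},
}

# Constructed account extract from the target systems:
# (system, account name, linked employee id or None, enabled, groups held).
ACCOUNTS = [
    ("ad", "ivanov", "e1001", True, {"Domain Users"}),
    ("gitlab", "ivanov", "e1001", True, {"developer", "maintainer"}),  # right not granted by role
    ("ad", "petrov", "e1002", True, {"Domain Users", "Domain Admins"}),
    ("gitlab", "petrov", "e1002", True, {"maintainer"}),
    ("ad", "sidorov", "e1003", True, {"Domain Users"}),   # left the company, still enabled
    ("ad", "svc_backup", None, True, {"Domain Users"}),   # no owner on the roster
    ("erp", "kuznetsova", "e1004", True, {"finance"}),
]


def reconcile(roster, role_model, accounts):
    """Return sorted (kind, system, account, detail) findings.

    kind is one of:
      orphan - account not linked to anyone on the roster
      leaver - owner is no longer active but the account is still enabled
      excess - owner is active but holds groups the role model does not grant
    """
    findings = []
    for system, account, emp, enabled, groups in accounts:
        if emp is None or emp not in roster:
            findings.append(("orphan", system, account, "no matching employee"))
            continue
        status, role = roster[emp]
        if status != "active":
            if enabled:
                findings.append(("leaver", system, account,
                                 f"employee {emp} is {status} but account enabled"))
            continue
        expected = role_model.get(role, {}).get(system, set())
        extra = groups - expected
        if extra:
            findings.append(("excess", system, account,
                             f"not granted by role {role}: {sorted(extra)}"))
    return sorted(findings)


def missing_accounts(roster, role_model, accounts):
    """Joiner check: active employees with no enabled account in a system their role requires."""
    have = {(system, emp) for system, _, emp, enabled, _ in accounts if enabled and emp}
    missing = []
    for emp, (status, role) in roster.items():
        if status != "active":
            continue
        for system in role_model.get(role, {}):
            if (system, emp) not in have:
                missing.append((emp, system))
    return sorted(missing)


if __name__ == "__main__":
    for finding in reconcile(HR_ROSTER, ROLE_ENTITLEMENTS, ACCOUNTS):
        print("FINDING", *finding)
    for emp, system in missing_accounts(HR_ROSTER, ROLE_ENTITLEMENTS, ACCOUNTS):
        print("MISSING", emp, system)
```

The three finding kinds map onto the two departments' interests: leaver and orphan findings are the IS controls over granting and revoking access, while missing accounts and excess rights are the IT workload an IDM removes by provisioning from the role model instead of by hand.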
Information protection tools are the main source of information about incidents occurring in the infrastructure. But effective information security also depends on communication between IS and the IT department. From the results of incident investigations, IS specialists accumulate knowledge about the shortcomings of the existing information infrastructure and about ways to strengthen its security so that similar incidents cannot recur. It is therefore very important to ensure that this knowledge is passed on to the IT department.
In general, the joint use of information security tools by the IS and IT departments, together with their effective interaction, improves the security and reliability of the company's information systems, speeds up the detection of and response to information security incidents, and helps meet regulatory requirements in the field of information security. Ultimately it reduces the resources consumed, including financial budgets, personnel and infrastructure, optimizes the company's work processes, improves productivity and reduces system downtime.