As companies grow, departments and teams within the organization often become more siloed. This happens despite the fact that digital transformation and the transition to cloud have made teams across the business more professionally interconnected than ever.
This somewhat paradoxical development is perhaps most evident in the relationship between IT and security departments. Generally speaking, IT is responsible for finding technological solutions to enable business connectivity, communication and agility. Meanwhile, security teams ensure these technologies are leveraged in a way that ensures confidentiality, integrity and availability.
In many if not most organizations, security and IT operate separately, as different and clearly demarcated teams. IT teams are seeking out systems and technology solutions for employees while dealing with the stress of growing ticket backlogs, while security teams are trying to find secure and cost-effective solutions for the rising number of cyber attacks.
When either team wants to actually implement a solution, they are often stopped in their tracks by the other team. The reasons for this can include resources, time, cost, and privacy. But, to be blunt, sometimes the reason is more political than professional or practical.
The ultimate result of these circumstances can be a non-professional work environment that is based on outdated systems, or an insecure environment dependent on IT workarounds that did not get a green light from security.
Ironically, the consequences of such a situation become a joint IT and security issue. For example, when employees use VPNs that are slow or ineffective, IT is flooded with tickets and security teams have to deal with the increased attack surface of a VPN connection.
Or, when users turn to shadow IT because they need quick access to resources, neither IT nor security has governance over the business’s technologies and the information that is shared there. In either scenario, everyone loses - especially the business.
Simply put, the separation between IT and security is outdated and artificial. It must be overcome by working together and treating all company systems as a co-ecosystem of IT and security. Here’s how such a partnership can help both teams as well as the business as a whole:
When IT and security team up, they can find solutions that answer both their needs. On a practical level, this means working together to find technological solutions that provide both connectivity and security. For IT, such a solution ensures an improved user experience and a reduced number of support tickets. For security, it provides the confidence of a secure solution they can rely on. After all, when teams work together, everyone wins.
Collaboration between IT and security saves time for both teams by significantly lowering overhead. Such overhead includes the back-and-forth of the approval process, as well as the answers to other stakeholders in the organization about why a certain solution was approved (or not). Finally, it reduces the enormous resource strain an inefficient and insecure system takes on an organization.
Digital transformation has moved many systems and business applications to the cloud, where they are distributed across servers and geographies. While this topology enables business continuity, it also poses new challenges for IT and security teams. Finding and implementing solutions together can help IT and security identify the right platforms that answer their most pressing needs and have most strategic impact.
Employees are the customers of both IT and security teams, and when those two teams don’t cooperate, it's employees who suffer the consequences. With security and IT collaborating and and implementing good solutions, employees will enjoy a frictionless experience that is both secure and efficient. It’s a win-win-win.
IT and security teams can leverage the Cyolo zero-trust access solution to ensure connectivity, access, and security - all while ensuring a good user experience.
Author
Jennifer Tullman-Botzer is a cybersecurity nerd by day and a history nerd by night. She has over a decade of experience in cybersecurity marketing and is as tired as you are of hackers-in-hoodies stock images. Jennifer joined Cyolo in 2021 and currently serves as Head of Content. Prior to Cyolo, she worked in a variety of marketing roles at IBM Security. She lives in Tel Aviv, Israel.