As we continue to strengthen Providence against cybersecurity threats, Identity & Access Management (IAM) Operations (IAM Ops) moved under Global Security Operations reporting to exec. director Mike Ratliff and is now known as Security Operations (SecOps). As part of this move, the team has grown in size and implemented new standards of operation, improving operational efficiency and accuracy.
SecOps has reorganized their team into three focus areas. This model provides a strong base for responding to tickets, escalations, and service delivery.
- SecOps Triage – Offers 24×5 support (except Epic, at 12×5), provisioning of students and providers, terminations, SailPoint work items, all other SCTASKs, and minor incidents
- SecOps Escalations – Offers 24×5 support (except Epic at 12×5), projects and sprints, trend analysis, customer interfacing on major incidents, and triage escalation
- SecOps Service Delivery – Offers a dedicated team for documentation, training development and delivery, and is building acceptable intake methods for customers and engineering teams
The addition of the role of ticket masters, who distribute work and monitor completion, ensure that tickets are responded to rapidly and thoroughly, ensuring the success of a FIFO model and reducing the age of the backlog. The triage system has also created a clear path for urgent tickets to get resolved quickly, instead of getting lost in the queue. Application of standards, combined with automation, and dashboard reporting will further help ensure teams are performing at the highest level.
The new organizational structure and addition of new caregivers has already made great improvements in ticket resolution, even in a time of unprecedented ticket volume:
- Average age of open tickets has decreased from almost nine days down to three days
- Average ticket close is 2.6 days, with over 80% closing within three days –a majority of those closed at 0.6 days
- Backlog of 8,000+ tickets has dropped to below 1,300, with the team closing over 1,200 tickets a day on average
The new model also means that caregivers will have new career path opportunities, from entry-level analyst through security engineer, options that were not available just months ago. The goal is to offer a career path so that someone with minimal experience joining SecOps has the possibility of learning and growing as they continue to contribute to Providence, for the full extent of their career. As the operations support areas expand, so too will training opportunities, giving SecOps caregivers a broader industry skill set.
The SecOps team is now onboarding the operations activity for Data Loss Prevention (DLP) and will soon be responsible for resolving the operational tickets created through the DLP system. AuthOps, PKI, Firewall, and other non-provisioning work are slated for the future.
The addition of Providence Global Center caregivers means that SecOps can offer 24-hour service for business days Monday through Friday. Long term goals include a 24×7 support model, so that SecOps is always available to address security operations needs, as well as expanding operations support for other areas.
Contact
For any questions, please reach out to Mike Ratliff, exec. director, SecOps.