Care About Performance? Ask Yourself These 4 Questions About Security and Digitization
July 29, 2019

Don Boxley
DH2i

Share this

Every IT administrator cares about performance, whether you specialize in application performance management (APM), digital performance management, or general business service/IT service management. Security is also part and parcel of APM, as without an effective security strategy, high performance becomes impossible (and frankly, irrelevant), taking a backseat to trying to protect and secure sensitive data.

Performance is also critical to digital transformation, and as companies continue their journey toward digital transformation, securing your data must be top of mind. This is true not just for your own organization, but for any third party vendors that require access to your cloud-based data. Strategic partners can be your secret weapon in application performance — but they can also morph into your worst nightmare if they are your weakest link when it comes to data sharing security.
 
Before you can properly focus on performance, therefore, you need to ensure that your ducks are in a row when it comes to your strategy for digitization, data security, and third-party partners. Begin by asking yourself the following four questions:

1. If we don't want remote users on our company's network, how can we still grant them access to the services they need to conduct business for us?

When you remove all remote users from the corporate network, you solve two typical avenues for hackers to get at your data: access controls and broken authentication. But while solving one problem, a no-access policy for your vendors means that they can't conduct business digitally for you, which certainly puts a damper on your efforts toward digital transformation.

You need to both secure your attack surface and also address the needs of your digital business. The answer to this dual-pronged challenge is to take an SDP (software defined perimeter) approach, which allows business continuity while protecting how much surface area gets exposed to lateral attacks.

2. Are we still relying on outdated VPN technology for our security strategy when it comes to giving our partners access to our network?

In light of the ongoing success that cybercriminals are having in breaching data from companies of all types and sizes, few organizations today would quibble with the fact that a reliable data security strategy is important. But some enterprises are still behind the times when it comes to knowing how best to secure their critical data in the current hack-centric environment. If it has been a while since you've taken the time to review how you're managing the access that you allow to your partners and remote users, move this task to the top of your to-do list. After all, when you read the news stories about how companies lost their data, many breaches get traced back to third parties who either intentionally or inadvertently compromised the data.

I'm just going to be blunt here — if you're still using a VPN (virtual private network) then your data isn't safe. Granted, VPNs used to be a secure solution — perhaps the most secure one — back in the days before the cloud. But physical servers are no longer king, and neither are VPNs or direct-link formats. Instead, in a new world where you're much more likely to see multi-cloud and hybrid deployments, or mixed environments of on-premise and cloud, companies need a security strategy that is designed specifically for these settings. This brings us back to SDP. This secure networking software allows IT to define which services that third-party vendors and other remote users can access in your network.

3. Does your remote access approach leave you with only a single router?

One of the disadvantages of VPNs is that they involve many complexities in configuration. They require a single router, which can boost the chance of data being compromised. A more effective way to handle third-party remote access is supporting a router environment that's heterogeneous, rather than relying only on one dedicated router.

There's another reason why you should avoid the single-router approach: you can avoid the common scenario of lock-in by a router vendor. An SDP solution allows for scaling across a multi-partner environment, moving your operations from cloud to cloud if needed.
 

4. What about application segmentation?

For optimum application performance as well as security, you need your remote-access approach to give network administrators the power for application-level segmentation (rather than network-level). To minimize the likelihood of a lateral attack on your network, you'll want to ensure that third-party partners can access your system only at the application level. By allowing more detailed control of access, vendors that you choose can only access specific services, not your entire system.

You may trust your partner's performance — but in a hybrid and multicloud environment, security concerns around partner data access can make application performance a moot point if you don't manage remote access correctly. A simple decision to modernize your approach to remote access can help ensure the data protection you need with third parties, so that application performance has a chance to shine.

Don Boxley is CEO and Co-Founder of DH2i
Share this

The Latest

October 21, 2019

An effective breakpoint strategy helps deliver sharp, properly sized images, which are some of the most compelling pieces of content on a web page. Lack of such a strategy can lead to jagged images or ones that take too long to render due to excessive size, potentially reducing the overall effectiveness of web pages — and driving down the quality of the user experience. In this blog, we will explore just how significant image breakpoints are to businesses, and some important device-related factors to consider in image breakpoint decisions to deliver the optimally-sized web image every time ...

October 17, 2019

As the data generated by organizations grows, APM tools are now required to do a lot more than basic monitoring of metrics. Modern data is often raw and unstructured and requires more advanced methods of analysis. The tools must help dig deep into this data for both forensic analysis and predictive analysis. To extract more accurate and cheaper insights, modern APM tools use Big Data techniques to store, access, and analyze the multi-dimensional data ...

October 16, 2019

Modern enterprises are generating data at an unprecedented rate but aren't taking advantage of all the data available to them in order to drive real-time, actionable insights. According to a recent study commissioned by Actian, more than half of enterprises today are unable to efficiently manage nor effectively use data to drive decision-making ...

October 15, 2019

According to a study by Forrester Research, an enhanced UX design can increase the conversion rate by 400%. If UX has become the ultimate arbiter in determining the success or failure of a product or service, let us first understand what UX is all about ...

October 10, 2019

The requirements of an APM tool are now much more complex than they've ever been. Not only do they need to trace a user transaction across numerous microservices on the same system, but they also need to happen pretty fast ...