Care About Performance? Ask Yourself These 4 Questions About Security and Digitization
July 29, 2019

Don Boxley
DH2i

Share this

Every IT administrator cares about performance, whether you specialize in application performance management (APM), digital performance management, or general business service/IT service management. Security is also part and parcel of APM, as without an effective security strategy, high performance becomes impossible (and frankly, irrelevant), taking a backseat to trying to protect and secure sensitive data.

Performance is also critical to digital transformation, and as companies continue their journey toward digital transformation, securing your data must be top of mind. This is true not just for your own organization, but for any third party vendors that require access to your cloud-based data. Strategic partners can be your secret weapon in application performance — but they can also morph into your worst nightmare if they are your weakest link when it comes to data sharing security.
 
Before you can properly focus on performance, therefore, you need to ensure that your ducks are in a row when it comes to your strategy for digitization, data security, and third-party partners. Begin by asking yourself the following four questions:

1. If we don't want remote users on our company's network, how can we still grant them access to the services they need to conduct business for us?

When you remove all remote users from the corporate network, you solve two typical avenues for hackers to get at your data: access controls and broken authentication. But while solving one problem, a no-access policy for your vendors means that they can't conduct business digitally for you, which certainly puts a damper on your efforts toward digital transformation.

You need to both secure your attack surface and also address the needs of your digital business. The answer to this dual-pronged challenge is to take an SDP (software defined perimeter) approach, which allows business continuity while protecting how much surface area gets exposed to lateral attacks.

2. Are we still relying on outdated VPN technology for our security strategy when it comes to giving our partners access to our network?

In light of the ongoing success that cybercriminals are having in breaching data from companies of all types and sizes, few organizations today would quibble with the fact that a reliable data security strategy is important. But some enterprises are still behind the times when it comes to knowing how best to secure their critical data in the current hack-centric environment. If it has been a while since you've taken the time to review how you're managing the access that you allow to your partners and remote users, move this task to the top of your to-do list. After all, when you read the news stories about how companies lost their data, many breaches get traced back to third parties who either intentionally or inadvertently compromised the data.

I'm just going to be blunt here — if you're still using a VPN (virtual private network) then your data isn't safe. Granted, VPNs used to be a secure solution — perhaps the most secure one — back in the days before the cloud. But physical servers are no longer king, and neither are VPNs or direct-link formats. Instead, in a new world where you're much more likely to see multi-cloud and hybrid deployments, or mixed environments of on-premise and cloud, companies need a security strategy that is designed specifically for these settings. This brings us back to SDP. This secure networking software allows IT to define which services that third-party vendors and other remote users can access in your network.

3. Does your remote access approach leave you with only a single router?

One of the disadvantages of VPNs is that they involve many complexities in configuration. They require a single router, which can boost the chance of data being compromised. A more effective way to handle third-party remote access is supporting a router environment that's heterogeneous, rather than relying only on one dedicated router.

There's another reason why you should avoid the single-router approach: you can avoid the common scenario of lock-in by a router vendor. An SDP solution allows for scaling across a multi-partner environment, moving your operations from cloud to cloud if needed.
 

4. What about application segmentation?

For optimum application performance as well as security, you need your remote-access approach to give network administrators the power for application-level segmentation (rather than network-level). To minimize the likelihood of a lateral attack on your network, you'll want to ensure that third-party partners can access your system only at the application level. By allowing more detailed control of access, vendors that you choose can only access specific services, not your entire system.

You may trust your partner's performance — but in a hybrid and multicloud environment, security concerns around partner data access can make application performance a moot point if you don't manage remote access correctly. A simple decision to modernize your approach to remote access can help ensure the data protection you need with third parties, so that application performance has a chance to shine.

Don Boxley is CEO and Co-Founder of DH2i
Share this

The Latest

March 31, 2020

Organizations face major infrastructure and security challenges in supporting multi-cloud and edge deployments, according to new global survey conducted by Propeller Insights for Volterra ...

March 30, 2020

Developers spend roughly 17.3 hours each week debugging, refactoring and modifying bad code — valuable time that could be spent writing more code, shipping better products and innovating. The bottom line? Nearly $300B (US) in lost developer productivity every year ...

March 26, 2020

While remote work policies have been gaining steam for the better part of the past decade across the enterprise space — driven in large part by more agile and scalable, cloud-delivered business solutions — recent events have pushed adoption into overdrive ...

March 25, 2020

Time-critical, unplanned work caused by IT disruptions continues to plague enterprises around the world, leading to lost revenue, significant employee morale problems and missed opportunities to innovate, according to the State of Unplanned Work Report 2020, conducted by Dimensional Research for PagerDuty ...

March 24, 2020

In today's iterative world, development teams care a lot more about how apps are running. There's a demand for fixing actionable items. Developers want to know exactly what's broken, what to fix right now, and what can wait. They want to know, "Do we build or fix?" This trade-off between building new features versus fixing bugs is one of the key factors behind the adoption of Application Stability management tools ...