Care About Performance? Ask Yourself These 4 Questions About Security and Digitization
July 29, 2019

Don Boxley
DH2i

Share this

Every IT administrator cares about performance, whether you specialize in application performance management (APM), digital performance management, or general business service/IT service management. Security is also part and parcel of APM, as without an effective security strategy, high performance becomes impossible (and frankly, irrelevant), taking a backseat to trying to protect and secure sensitive data.

Performance is also critical to digital transformation, and as companies continue their journey toward digital transformation, securing your data must be top of mind. This is true not just for your own organization, but for any third party vendors that require access to your cloud-based data. Strategic partners can be your secret weapon in application performance — but they can also morph into your worst nightmare if they are your weakest link when it comes to data sharing security.
 
Before you can properly focus on performance, therefore, you need to ensure that your ducks are in a row when it comes to your strategy for digitization, data security, and third-party partners. Begin by asking yourself the following four questions:

1. If we don't want remote users on our company's network, how can we still grant them access to the services they need to conduct business for us?

When you remove all remote users from the corporate network, you solve two typical avenues for hackers to get at your data: access controls and broken authentication. But while solving one problem, a no-access policy for your vendors means that they can't conduct business digitally for you, which certainly puts a damper on your efforts toward digital transformation.

You need to both secure your attack surface and also address the needs of your digital business. The answer to this dual-pronged challenge is to take an SDP (software defined perimeter) approach, which allows business continuity while protecting how much surface area gets exposed to lateral attacks.

2. Are we still relying on outdated VPN technology for our security strategy when it comes to giving our partners access to our network?

In light of the ongoing success that cybercriminals are having in breaching data from companies of all types and sizes, few organizations today would quibble with the fact that a reliable data security strategy is important. But some enterprises are still behind the times when it comes to knowing how best to secure their critical data in the current hack-centric environment. If it has been a while since you've taken the time to review how you're managing the access that you allow to your partners and remote users, move this task to the top of your to-do list. After all, when you read the news stories about how companies lost their data, many breaches get traced back to third parties who either intentionally or inadvertently compromised the data.

I'm just going to be blunt here — if you're still using a VPN (virtual private network) then your data isn't safe. Granted, VPNs used to be a secure solution — perhaps the most secure one — back in the days before the cloud. But physical servers are no longer king, and neither are VPNs or direct-link formats. Instead, in a new world where you're much more likely to see multi-cloud and hybrid deployments, or mixed environments of on-premise and cloud, companies need a security strategy that is designed specifically for these settings. This brings us back to SDP. This secure networking software allows IT to define which services that third-party vendors and other remote users can access in your network.

3. Does your remote access approach leave you with only a single router?

One of the disadvantages of VPNs is that they involve many complexities in configuration. They require a single router, which can boost the chance of data being compromised. A more effective way to handle third-party remote access is supporting a router environment that's heterogeneous, rather than relying only on one dedicated router.

There's another reason why you should avoid the single-router approach: you can avoid the common scenario of lock-in by a router vendor. An SDP solution allows for scaling across a multi-partner environment, moving your operations from cloud to cloud if needed.
 

4. What about application segmentation?

For optimum application performance as well as security, you need your remote-access approach to give network administrators the power for application-level segmentation (rather than network-level). To minimize the likelihood of a lateral attack on your network, you'll want to ensure that third-party partners can access your system only at the application level. By allowing more detailed control of access, vendors that you choose can only access specific services, not your entire system.

You may trust your partner's performance — but in a hybrid and multicloud environment, security concerns around partner data access can make application performance a moot point if you don't manage remote access correctly. A simple decision to modernize your approach to remote access can help ensure the data protection you need with third parties, so that application performance has a chance to shine.

Don Boxley is CEO and Co-Founder of DH2i
Share this

The Latest

August 21, 2019

For the first time, a majority of companies are putting mission critical apps in the cloud, according to the latest report by Cloud Foundry Foundation ...

August 20, 2019

The cloud continues to transform IT in every industry. But in order to migrate to the cloud, embrace these new technologies and truly evolve their business, organizations need an underlying network that can support digital transformation ...

August 19, 2019

One common infrastructure challenge arises with virtual private networks (VPNs). VPNs have long been relied upon to deliver the network connectivity and security enterprises required at a price they could afford. Organizations still routinely turn to them to provide internal and trusted third-parties with "secure" remote access to isolated networks. However, with the rise in mobile, IoT, multi- and hybrid-cloud, as well as edge computing, traditional enterprise perimeters are extending and becoming blurred ...

August 15, 2019

The configuration management database (CMDB), along with its more federated companion, the configuration management system (CMS), has been bathed in a deluge of negative opinions from all fronts — industry experts, vendors, and IT professionals. But from what recent EMA research on analytics, ITSM performance and other areas is indicating, those negative views seem to be missing out on a real undercurrent of truth — that CMDB/CMS alignments, whatever their defects, strongly skew to success in terms of overall IT progressiveness and effectiveness ...

August 14, 2019

The on-demand economy has transformed the way we move around, eat, learn, travel and connect at a massive scale. However, with disruption and big aspirations comes big, complex challenges. To take these challenges head-on, on-demand economy companies are finding new ways to deliver their services and products to an audience with ever-increasing expectations, and that's what we'll look at in this blog ...