Why network overprovisioning is a security risk
Less than three months into 2020, business plans set at the top of the year immediately became void. Enterprises had to spend time, budget, and energy to make sure that they could continue serving their end-users in the new remote reality. This shift put a particular focus on the network, which became the foundation for and, frankly, the lifeline of business continuity. IT teams had to manage unprecedented demand from this uptick and shift to remote access of applications, causing many to turn to overprovisioning for a quick fix when users were complaining they could not get their job done.
Network overprovisioning – or, adding additional capacity to the network – is a common tactic used by IT teams to maintain performance during periods of network failures or surges that occur due to unpredictable demand. When thinking about what a network failure can mean, the approach makes sense, considering anything less than high-quality enterprise network performance can be detrimental to a business’ bottom line. Oftentimes, the costs associated with poor network performance far outweigh the budget spent on overprovisioning.
In some cases, the costs can far exceed anything that can be counted in coins. For healthcare providers, the network is like the heart, without which all else fails. Network downtime can pose significant issues. Whether the services are mission-critical or not, degradation in network performance can affect the quality of service delivered to the end customers.
What’s the cost?
Accedian recently conducted research with more than 500 US-based enterprise IT teams to ask them about network overprovisioning: if they do it, why they do it and what might be at stake. The result? Two-thirds of respondents (67%) overprovision in an attempt to immediately counteract performance issues instead of addressing them. The reason they don’t address the issue comes down to too little time (40% of respondents), and a lack of tools to do so (36% of respondents).
Accedian’s report highlights the security risks of overprovisioning. Adding more infrastructure means a larger attack surface, more attack vectors, and a greater opportunity for misusing tools or simply just human error. This means continuous overprovisioning practices put your enterprise at a greater security risk.
But IT teams are fully aware of the risks they’re taking. When asked about their biggest concerns regarding overprovisioning, 72% of respondents answered security, and 62% of respondents do believe their networks are more vulnerable to cyber attacks due to the practice. The awareness is there, but with a lack of tools and time, enterprises are turning to overprovisioning as a necessary act, despite the increased risks.
What’s the fix?
In the eyes of IT professionals, network security (62%) is more important than cloud application performance (38%). But businesses shouldn’t have to choose. IT and network teams can combat overprovisioning with tools that help them troubleshoot their network and quickly identify the root cause of performance bottlenecks. Enterprises can install smart, end-to-end network and application monitoring tools, such as Accedian’s Skylight™platform to easily and quickly gain insights into the real-time performance of their network and applications.
Skylight delivers high-performance and secure network and user experience monitoring for any application, any cloud, and any network, making it a staple for any efficient and cyber-resilient organization. By using Skylight, enterprises can plan for upticks in network traffic, proactively manage application performance and detect security anomalies.
Even better, using a tool that serves both network and security operations teams will reduce costs and help to prevent overprovisioning and the introduction of more risk by addressing performance and security issues in the same platform. Like many other aspects of 2020, overprovisioning is something we hope to leave behind us.
For more about Skylight can help, see here.