The inextricable relationship between performance and security

Prior to the era of Infrastructure as a Service (IaaS) and the public cloud, performance management, the practice of monitoring the performance of networks and infrastructure, could comfortably exist outside of the cybersecurity domain. The coupling and relationship between these two areas was not very tight and there was no direct impact on the security of an environment based on how well applications and networks performed. In other words, there was no cause and effect relationship. 

Enter the modern era of consumption-based cloud infrastructure and networks. Does that relationship now change? The answer is, “yes”.

The fact still remains that if my application is performing poorly, there is not necessarily the opportunity for the introduction of any new threat vector to my environment. My user experience suffers of course, but poor user experience does not introduce any new vulnerabilities to my network and application infrastructure attack surface. However, this conclusion only holds true if there is not a human factor variable in the equation. The relationship between performance and security becomes inextricably linked once you introduce what is called “overprovisioning”.

Overprovisioning leads to a larger attack surface

Overprovisioning occurs when humans provision more infrastructure and network capacity than is required to serve the applications that consume it. At first blush, this may not seem to be a big deal. The fact is that several studies show that 40% of the infrastructure and the networks that connect them are overprovisioned. This overprovisioning leads to more infrastructure to protect (a larger attack surface), more attack vectors, and an opportunity for misconfiguration of tools, human error, SOC fatigue, etc.

One does not need to be a rocket scientist to know that the more attack surface and attack vectors you have to defend, the more opportunity there is for a bad actor to find a vulnerability and exploit it, resulting in greater cyber risk.

How can I reduce overprovisioning and my cyber risk?

So, if we could reduce the overprovisioning, we would reduce the cyber risk. How do we do that? 

One of the most significant causes of overprovisioning comes from a failure to understand the root cause of what we refer to as performance impairments. There are many well-documented factors that affect the user experience of an application is it moves data across networks. Sources could be a front-end web tier service taking too long to respond, a back-end database service delay, network latency, application code issues, etc. 

The knee-jerk reaction when there is a performance impairment and the root cause cannot be determined is to “throw more bandwidth” at it, or provision more infrastructure. When it occurs at scale, you arrive at the statistic cited earlier of massive overprovisioning, and yes, increased cyber risk.

Wouldn’t it be great if I had a single pane of glass that could tell me how my applications and networks were performing such that if there was a performance degradation, I would then know precisely where it occurred, liberating me from throwing unnecessary infrastructure or network resources at the problem, while also providing me with security threat visibility?

Well, there is one, it’s called Skylight. 

Accedian’s Skylight is the only cloud-native, SaaS-based platform that integrates both performance analytics and cybersecurity Network Defense and Response (NDR) while combining BOTH synthetic (active) and real user traffic analytics. Skylight mitigates risk on two fronts by (1) identifying security threat behaviors, and (2) giving insight that facilitates the reduction of overprovisioning. 

Skylight measures and monitors network jitter, bandwidth, and latency while analyzing 100% of the network packets’ application delivery protocol transactions. Behind Accedian’s state of the art technology is an industry-leading team of performance engineering experts driving a culture that executes with the agility of a startup, but with a rich and experienced performance management heritage spanning almost 2 decades.