The Secure UX Enterprise - Part 2
December 07, 2016

Gabriel Lowy
Tech-Tonics

Share this

Start with The Secure UX Enterprise - Part 1

A Unified Approach Begets Convergence and Collaboration

Unfortunately, most enterprise IT teams still monitor and manage user experience from traditional technology domain silos, such as server, network, application, device, operating system and security. As workloads continue to shift to new architecture, this approach only perpetuates an ineffective, costly and politically-charged environment. 

A unified approach allows IT teams to help their companies leverage technology investments to discover, interpret and respond to the myriad events that impact their operations, competitiveness, security and compliance.

IT Ops teams must understand their users and prioritize the performance of their apps and websites accordingly. They can make sure the apps that drive the business have the highest availability and reliability. In concert with the security team, they can take a balanced approach to prioritizing risks across the enterprise.

As opposed to conventional security layering by infrastructure, application, device and user, a prioritized risk approach allows the security team to dedicate more resources and attention to the assets that are most important to the organization. This strategy is more proactive and intelligence-based, enabling the security team to better defend the organization's most valuable data assets, respond to and remediate incidents in a timely fashion and meet GRC requirements.

Automated continuous monitoring, advanced behavioral analytics, incident response automation and software-defined perimeter provide transaction-level insights into the IT environment that UX and security teams need to better ensure performance, while protecting against risks and improving incident response. Correlations, machine learning engines, and advanced behavioral analytics and data visualization create context based on granularity about users, applications, and endpoints.

The intelligence they provide establishes benchmarks against key performance indicators (KPIs) for what is normal activity and identify anomalous behavior in real time. UX teams can triage the root cause of poor performance to speed MTTR.

Monitoring that is more pervasive, automated and intelligent allows security teams to better understand risks and prioritize threats. Policies and enforcement can be applied automatically to specific applications, user groups or roles so that security teams can use this intelligence to isolate and contain an attack before intruders can cause substantial damage.

A unified approach facilitates mapping resource and application dependencies through a single view of all components that support a service to ensure transaction completion. For security teams, it provides visibility and intelligence into the validity of the transaction and the users involved. They can see the data going into these environments, whether users are authorized to work with this data and when data is attempting to leave.

Automation provides speed and scale to keep up with new architectures and traffic growth. It improves agility and governance, reduces costs, and helps UX and security teams mitigate human error and remediate more effectively.

Next-generation solutions are all capable of collecting vast amounts of transaction data. They can then run advanced analytics against this data for a variety of secure UX use cases. To enable this type of collaboration, data also has to be assimilated from network service providers and cloud service providers in addition to data from within the enterprise.

Data Integration is Key

The better integrated these technologies are, the more intelligence UX and security teams derive from them and the more efficiently they can prioritize risks and remediation. Greater efficiency with IT Ops and security data can drive sustained competitive advantage and reduce risk at lower total cost of ownership (TCO).

Data integration is labor intensive and time consuming. IT teams get bogged down trying to integrate data from different tools. The proliferation of tools for both performance and security monitoring has resulted in a patchwork quilt of incompatible consoles and data. Teams end up spending more time writing scripts preparing data for analysis than gaining real-time insights into secure UX. And they often ignore the barrage of false positives these different tools generate.

Modern integration tools automate much of the cleansing, matching, error handling and performance monitoring that IT Ops and security teams often struggle with manually. Application governance allows teams to take a standardized approach to integrating diverse data sets, including those from SaaS applications and IaaS or PaaS clouds. Unifying disparate data points provides both IT Ops and security teams with more actionable intelligence to speed MTTR and incident response.

Conclusion

Secure UX has a domino effect across all functional areas of the organization. Users from sales, marketing and product development through manufacturing and supply chain management have more confidence in the data they are working with. The result is improved modeling and decision outcomes. At the same time, companies strengthen financial management, reduce risk and ensure adherence with governance, regulatory and compliance requirements.

IT teams must evolve toward a unified approach that promotes collaboration and efficiency to better align with corporate ROI and risk management objectives. Nearly three years ago, we introduced the PADS (Performance Analytics and Decision Support) Framework as a more strategic approach to integrating next-generation performance management and security with big data analytics technologies. It established best practices for assuring user experience, reducing risk and improving decision making enabling IT Ops and security teams to rapidly respond to the myriad events that impact their operations, security, compliance and competitiveness.

Leading and next-generation vendors in adjoining spaces such as application delivery controllers (ADCs), network and application performance monitoring and management (NAPM) and security information and event management (SIEM) have been coalescing around a unified approach to secure UX.

Expect these platforms to evolve further toward operational intelligence by expanding the types of data sources they collect and correlate. They will also drive deeper into analytics, including predictive capabilities, to allow IT – and eventually, line of business users – to monitor secure UX with greater granularly.

Gabriel Lowy is the founder of TechTonics Advisors, a research-first investor relations consultancy that helps technology companies maximize value for all stakeholders by bridging vision, strategy, product portfolio and markets with analysts and investors.

Share this

The Latest

January 20, 2017

Traditionally, Application Performance Management (APM) is usually associated with solutions that instrument application code. There are two fundamental limitations with such associations. If instrumenting the code is what APM is all about, then APM is applicable only to homegrown applications for which access to code is available ...

January 19, 2017

The correlation between mobile app crashes and increasing churn rates (or declining user retention) has long been suspected. In the report, titled Crash and Churn, Apteligent set out to understand the impact of per user crash rate on churn ...

January 18, 2017

In Fall 2016, Paessler AG surveyed 650 system administrators from 49 countries to get a "state of the SysAdmin" and find out how their jobs are changing, how they spend their time, and what their priorities are. The survey responses led to some interesting findings – namely, that when it comes to today's SysAdmins, things are not as they seem. Here are some of the key findings that illustrate the gap between perception and reality ...

January 17, 2017

Choosing an application performance monitoring (APM) solution can be a daunting task. A quick Google search will show popular products, but there's also a long list of less-well-known open source products available, too. So how do you choose the right solution? ...

January 13, 2017

Digital transformation is a key initiative for enterprises that want to reach new customers and offer greater value via technology. Changing user expectations, new modes of engagement and the need to improve responsiveness are the main factors driving companies to update outdated processes and develop new applications as part of a digital transformation strategy. But in order to deliver on the promise of digital transformation, organizations must also modernize their IT infrastructure to support speed, scale and change ...

January 12, 2017

Digital transformation is evolving the enterprise to one in which high performance applications are now the norm as organizations use video, graphics and other information intensive multimedia to populate these new channels of engagement. Digital technologies, and high performance applications, create further pressure on IT staffs which are grappling with PCs that are past their optimum performance. As a result, IT is looking at alternatives to swapping out PCs and investing in more costly equipment that will inevitably have an expiration date. One solution is to build on virtualization solutions that incorporate high-performance thin clients ...

January 11, 2017

If your business depends on mission-critical web or legacy applications, then monitoring how your end users interact with your applications is critical. Most monitoring solutions try to infer the end-user experience based on resource utilization. However, resource utilization cannot provide meaningful results on how the end-user is experiencing an interaction with an application. The true measurement of end-user experience is availability and response time of the application, end-to-end and hop-by-hop ...

January 10, 2017

There's nothing like a major web outage to remind us how much our applications rely on other web services and technologies to function. In late October of last year, a Distributed Denial of Service (DDoS) attack on Dyn, one of the largest Domain Name Service (DNS) providers on the internet, disrupted service for consumer and business applications across the web. This attack shed light on the delicate interdependent nature of the web as productivity and uptime across the world was effected ...

January 09, 2017

As an IT professional, I'm used to words that mean different things to different people. For example, "log monitoring" could mean anything from simple text files to logfile aggregation systems. "Uptime" is also notoriously hard to nail down. Heck, even the word "monitoring" itself can be obscure. This is why I'm not surprised that application performance monitoring (APM) can mean so many different things depending on the context ...

January 06, 2017

Big data continues to be the fastest-growing segment of the information management software market. New findings released by Ovum estimate that the big data market will grow from $1.7bn in 2016 to $9.4bn by 2020, comprising 10% of the overall market for information management tooling ...