IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
Overprovisioning leads to security vulnerabilities, so what can be done?
Fri, 20th Aug 2021
FYI, this story is more than a year old

More than 60% of IT professionals believe overprovisioning makes their networks more vulnerable, and nearly 70% are concerned that it increases their attack surface.

This is according to new research from Accedian that examines the adverse security implications of network overprovisioning in enterprises and the common practices and concerns surrounding it.

The research finds that nearly 70% of the 500 IT professionals surveyed view security as the biggest concern with overprovisioning.

This underpins the need for an alternative approach that's both sustainable and inexpensive, and optimises network and application performance and security visibility, Accedian states.

According to those surveyed, the biggest concerns with overprovisioning following security were management (55%) and budget (48%).

Overall, 66% of respondents admit to overprovisioning over the past 9-12 months. The reasons cited for overprovisioning include network latency (62%), worries over database service delays (61%), concerns over application code issues (58%) as well as not wishing to upset users (34%).

The majority of network administrators (62%) believe that network security is more important than cloud application performance (38%), and 78% admit that overprovisioning led them to discover further performance bottlenecks.

IDC research director, worldwide security and trust products Chris Kissel says, “Overprovisioning means there is more infrastructure to protect, a larger attack surface, more attack vectors, and an increased opportunity for the misconfiguration of tools due to human error or Security Operations Centre (SOC) overload.

"It is like a ticking time bomb for enterprises unless urgent action is taken to rectify it.

"Given the extent of overprovisioning taking place across industries including financial services, public sector, healthcare, IT, manufacturing, and retail, coupled with the surge in security incidents in the past year, it's more about when and not if a cyberattack is successful.

When considering possible solutions, Accedian vice president cybersecurity strategy Mary Roark says, “The alternative to overprovisioning is installing smart, end-to-end network and application monitoring tools that deliver high-performance network and user experience monitoring."

Roark says, "In today's hybrid cloud and software-defined environments, virtualised network monitoring tools that empower SOC teams with metadata and machine learning analytics can assist to identify unusual activity on a network.

"Even better, using a tool that serves both network operations and security operations teams will simplify operations, reduce costs and help to prevent overprovisioning and the introduction of more risk by addressing network performance issues in the same platform as security.

Accedian Skylight delivers high-performance network and user experience monitoring across any application, any cloud, and any network.

Essentially, the approach involves four steps: deploy, orchestrate, analyse and predict.

Deploy: Users can place Skylight sensors, which are available as both hardware and software, anywhere in the network according to the needs of the enterprise.

Orchestrate: Users can then leverage the company's zero-touch provisioning to deploy new sensors for a high-velocity solution. Skylight also simplifies, secures, and accelerates service validation, fault management, and performance insight, the company states.

Analyse: Accedian's machine learning analytics deliver a rapid time to insight, drilling down from end-user application issues deep into the network with root cause analytics and configurable alerts, the company states.

Predict: Skylight streams data in real time to monitor how well networks, applications, and services are performing, and whether it is time to make changes or adjust policies.

Significantly, this approach will also reduce the threat surface and provide Security Operations Centre (SOC) teams with network traffic data that can be used to better detect security breaches or anomalies, Accedian states.