Montreal-based software and hardware firm Accedian today released a new research study examining the adverse security implications of network overprovisioning in enterprises and the common practices and concerns surrounding it.
Results revealed that nearly 70% of the 500 IT professionals surveyed in the U.S. view security as the biggest concern with overprovisioning. This, the company said, underpins the need for an alternative approach that's both sustainable and inexpensive, and optimizes network and application performance and security visibility, as outlined in the research.
“Overprovisioning means there is more infrastructure to protect, a larger attack surface, more attack vectors, and an increased opportunity for the misconfiguration of tools due to human error or Security Operations Centre (SOC) overload,” said Chris Kissel, research director, worldwide security and trust products at IDC.
“It is like a ticking time bomb for enterprises unless urgent action is taken to rectify it. Given the extent of overprovisioning taking place across industries including financial services, public sector, healthcare, IT, manufacturing, and retail, coupled with the surge in security incidents in the past year, it's more about when and not if a cyberattack is successful.”
Some of key highlights from the research include:
- Security is the biggest concern with overprovisioning for 72% of the surveyed IT professionals, followed by management (55%) or budget (48%).
- The majority of network administrators (62%) believe that network security is more important than cloud application performance (38%).
- 66% of respondents admit to overprovisioning over the past 9-12 months.
- The reasons cited for overprovisioning include – network latency (62%), worries over database service delays (61%), concerns over application code issues (58%) as well as not wishing to upset users (34%).
- 78% admit that overprovisioning led them to discover further performance bottlenecks.
"The alternative to overprovisioning is installing smart, end-to-end network and application monitoring tools that deliver high-performance network and user experience monitoring,” said Mary Roark, vice president of cybersecurity strategy at Accedian.
“In today's hybrid cloud and software-defined environments, virtualized network monitoring tools that empower SOC teams with metadata and machine learning analytics can assist to identify unusual activity on a network.”