Adverse security implications of enterprises network overprovisioning

Accedian released a research study examining the adverse security implications of network overprovisioning in enterprises and the common practices and concerns surrounding it.

Nearly 70% of the 500 IT professionals surveyed in the US view security as the biggest concern with overprovisioning. This underpins the need for an alternative approach that’s both sustainable and inexpensive, and optimizes network and application performance and security visibility, as outlined in the research.

“Overprovisioning means there is more infrastructure to protect, a larger attack surface, more attack vectors, and an increased opportunity for the misconfiguration of tools due to human error or Security Operations Center (SOC) overload. It is like a ticking time bomb for enterprises unless urgent action is taken to rectify it,” said Chris Kissel, IDC Research Director, Worldwide Security & Trust Products.

“Given the extent of overprovisioning taking place across industries including financial services, public sector, healthcare, IT, manufacturing, and retail, coupled with the surge in security incidents in the past year, it’s more about “when” and not “if” a cyberattack is successful.”

Enterprises network overprovisioning hurdles

• Security is the biggest concern with overprovisioning for 72% of the surveyed IT professionals, followed by management (55%) or budget (48%).
• 62% of network administrators believe that network security is more important than cloud application performance (38%).
• 66% of respondents admit to overprovisioning over the past 9-12 months.
• The reasons cited for overprovisioning include – network latency (62%), worries over database service delays (61%), concerns over application code issues (58%) as well as not wishing to upset users (34%).
• 78% admit that overprovisioning led them to discover further performance bottlenecks.

“The alternative to overprovisioning is installing smart, end-to-end network and application monitoring tools that deliver high-performance network and user experience monitoring,” said CISSP Mary Roark, VP, Cybersecurity Strategy, Accedian.

“In today’s hybrid cloud and software-defined environments, virtualized network monitoring tools that empower SOC teams with metadata and machine learning analytics can assist to identify unusual activity on a network. Even better, using a tool that serves both network operations and security operations teams will simplify operations, reduce costs and help to prevent overprovisioning and the introduction of more risk by addressing network performance issues in the same platform as security.”