Blog
ExtraHop Co-Founder and Chief Customer Officer Raja Mukerji
Yahoo. LinkedIn. Dropbox. Premier Health. The Internal Revenue Service. The U.S. Justice Department. Hollywood Presbyterian. These are just a few of the big name companies that suffered or uncovered a major data breach in 2016. In some cases it was ransomware. In other cases it was data exfiltration or distributed denial of service (DDoS) attack. Regardless of the type of threat, these organizations suffered material, reputational, and financial harm as a result of these breaches.
And it's not just IT security that's problematic. It's performance as well. In January, Delta Airlines suffered its second major IT systems outage in less than six months, forcing the company to delay or cancel hundreds of flights. JetBlue likewise suffered a major systems outage due to a problem with Verizon's cloud. Salesforce, LinkedIn, Snapchat, even Pokémon GO - for which performance challenges and repeated DDoS attacks delayed the game's release in Europe - all experienced critical application performance problems that materially impacted business operations and customer experience.
According to Gartner, "While studies have shown the cost of unplanned downtime averages several hundred thousand dollars per hour, the cost to your organization can vary dramatically and could easily go into multiple millions of dollars per minute, based on business model, time of day and several other factors." (Gartner, Andrew Lerner, Sanjit Ganguli, and Vivek Bhalla, "How to Reduce Network Downtime in the Era of Digital Business," December 2016).
Threats are only getting more and more sophisticated. Applications and infrastructures are only getting faster and more complex. At the same time, user experience expectations have never been higher. In the digital business era, microseconds matter. What worked to manage performance and security five years ago is insufficient.
Recently, Microsoft Azure announced Network Watcher, a new offering that makes it easy to capture packet data from virtual machines and log flow data from things like Network Security Groups. This represents a paradigm shift in the industry - one that's going to rocket cloud migration forward and put Azure at the forefront of IaaS.
An Antiquated Model Rips Apart At the Seams
The challenges - and competitive repercussions of security and performance issues - are forcing global organizations to reconsider how they monitor and manage their IT infrastructures. The old modalities - legacy implementations of perimeter-based security and log-based (self-reported) performance analytics - are ill-suited to today's large scale infrastructures, heavily trafficked applications, and increasingly persistent and sophisticated threats. They are antiquated at best, and dangerous at worst.
Adopting a trust model based on topology and boundaries without the ability to definitively verify the assumptions underpinning that model is one of the reasons organizations are having so much difficulty with security today. Attackers are hiding in plain sight, taking advantage of the fact that immense complexity and the migration from infrastructure delivery to service delivery in IT effectively offers them free reign over the multiple blind spots in the enterprise.
Cloud Magnifies the Problem
These challenges have only been magnified in public cloud. The misguided assumption in the genesis of public cloud was that it should follow an outsourced model, in which organizations place their least valuable resources in the care of a third-party. In other words, "Let us take care of the stuff you don't care about. Offload it and forget it!"
But now that entire infrastructures are being migrated to the public cloud, this outsourced model isn't workable. Production applications on which businesses and customers rely now live entirely in the cloud, and organizations can't merely migrate and forget. It's like saying "I've got my money in mortgage-backed securities, and I don't understand mortgages, so I'm just going to leave it there and not worry about it." The result of willful ignorance has never been bliss.
Performance, Security, and the Cloud
With the introduction of Network Watcher, Microsoft is advancing the state of IaaS. For the first time, organizations can easily capture the critical data they need to understand the performance and security of data and applications running in the Azure cloud. This move demonstrates Microsoft's commitment to the enterprise and underscores their unparalleled experience in this domain.
With Network Watcher, Azure customers can now easily apply IT analytics to virtual packet data, transforming it into rich wire data that delivers unbiased and accurate real-time insight into the performance and security of their cloud-hosted applications.
Wire Data is too important a source of insight to ignore. Azure has taken the first step in demonstrating thought leadership in Public Cloud, and in showing their alignment with the enterprise in exposing this incredibly rich source of real-time, complete, and unbiased insight to their users. We applaud them and salute their alignment to their customers, and their understanding of the need for insight in today's data economy.
