By Gregg Ostrowski, CTO Advisor, Cisco Observability
These days, applications serve as the main gateway for organizations across multiple sectors. The need to deliver seamless and secure digital experiences is crucial, as businesses are aware that even the slightest mistake in application performance can have negative consequences, including a loss of customers, revenue, and reputation.
Technologists are recognizing the need for innovative approaches and new tools to manage and optimize their applications. Many IT departments are suffering from ‘tool sprawl,’ where IT teams are using separate and siloed monitoring solutions to manage different aspects of their IT estate – including applications, network and infrastructure.
The problem is this approach doesn’t provide unified visibility across cloud native and on-premises environments and it doesn’t enable teams to quickly identify issues and understand their root causes up and down the application path. And of course, this inability to isolate issues increases the likelihood of costly application downtime and disruption.
This is why we’re now seeing a major shift from application performance monitoring (APM) to full-stack observability. Cisco research found that for 85 per cent of global technologists, observability is now a strategic priority for their organization.
The benefits of full-stack observability
With observability, Canadian IT teams can achieve comprehensive and unified visibility into the availability, performance, and security of their applications, extending down to the core network and infrastructure levels. This allows them to monitor and manage performance in real-time, quickly pinpointing issues, mapping dependencies, and applying fixes. Metrics like Mean Time to Resolution (MTTR) improve, optimizing the digital experience, and allowing technologists to allocate less time to troubleshooting, which fosters more innovation.
It sounds simple, but the shift from APM to full-stack observability is more complicated than just flicking a switch and implementing a single new tool overnight. It’s a journey which takes time (often two to three years for large enterprises) and involves significant technical, cultural, and structural change. The starting point for most organizations will be an existing APM approach, built around multiple monitoring tools, but every organization will take a different route to achieving observability, depending on its own specific business needs.
Advantages of an open platform approach
Starting out on their journey, organizations need to establish an open and adaptable platform as the foundation for building their capabilities. Consolidating tools may bring on resistance from teams accustomed to specific solutions and hesitant to accept enforced tool restrictions. However, adopting an open platform bypasses this issue by allowing integration and correlation of signals from various tools. For example, an organization might employ separate solutions for network monitoring, application monitoring, and security. All these solutions provide signals which can be aggregated and sent to an alerting system.
If these signals are all directed to an open, centralized platform for correlation, it enables rapid root cause analysis and provides a single source of truth for issue detection and streamlining operational efficiency.
Three milestones for organizations on the journey to observability
While each organization will follow its own unique path to get from APM to full-stack observability, there are some key steps every organization will take (in the most appropriate order), which bring significant benefits to Canadian IT teams:
1. Expanding visibility across domains
Often, the first step for organizations is to add infrastructure visibility (such as Kubernetes and hosted environments) and network visibility into their monitoring approach. This means that rather than just focusing on the application itself, IT teams can monitor the different domains which are required to make the application function – such as network and infrastructure.
2. Building security into the monitoring strategy
By integrating security monitoring into their observability capabilities, organizations can ensure complete protection for applications, from development through to production, across code, containers, and Kubernetes.
With continuous runtime application self-protection (RASP), technologists can protect applications from the inside out, wherever they live and however they are deployed. They can see what is happening inside the code to prevent known exploits and simplify vulnerability fixes. Developers can generate targeted insights into their application environments which allow them to respond to threats at scale – whether that’s in containers, on-premises, or in the cloud – and integrate security throughout the entire application lifecycle.
Crucially, adding security into observability enables much greater collaboration between security and application teams, facilitating the shift to DevSecOps methodologies.
3. Generating an end user view
By implementing digital experience monitoring (DEM), organizations can start to look at application performance from the customer perspective, understanding and analyzing the experiences end users are enjoying when using an application or digital service. Functionality such as Session Replay enables IT teams to visualize how customers are behaving and engaging. Digital experience monitoring tends to be prioritized within industries which are very consumer-driven, such as retail but also financial services. This is where delivering an optimized digital experience is crucial.
Canadian IT leaders must develop a holistic strategy for observability
As organizations urgently look to expand their visibility into cloud native technologies, the shift to full-stack observability is gathering speed. IT leaders are recognizing the benefits and they’re eager to start taking full advantage.
However, they need to take the time to ensure they have the right strategy and approach from the start, giving just as much consideration to the cultural and process changes required for success as the implementation of the observability platform itself.
Finally, IT leaders need to understand there is never really an end to the journey to full-stack observability. As new technologies emerge, there will always be a need to add new layers of monitoring and visibility. This is why a platform approach is beneficial, with open standards enabling organizations to plug in new tools and solutions. This way, observability provides the foundation for rapid and sustainable innovation into the future.
Kaiser Permanente Reports Data Breach Affecting 13.4 Million Patients
Posted in Commentary with tags Hacked on April 29, 2024 by itnerd
The reports of pwnage on this Monday morning continue.
Kaiser Permanente, a major U.S. nonprofit health plan operator, has announced a data breach potentially affecting 13.4 million patients across multiple states. This incident involves unauthorized sharing of personal information through third-party trackers on Kaiser’s websites and mobile apps.
The healthcare giant, which operates 40 hospitals and 618 medical offices in regions including California, Colorado, and Washington, D.C., identified the breach through an internal investigation. The trackers in question, associated with entities such as Google, Microsoft Bing, and Twitter, were transmitting personal data when patients accessed Kaiser’s digital platforms. This data included IP addresses, names, and details indicating whether a user was logged into Kaiser services, as well as their navigation and interaction behaviors on the site.
Though Kaiser reported the unauthorized access to its networks in an April 12 filing with the Dept. of Health and Human Services, the notice was reportedly made public on Thursday.
Importantly, the exposed data did not include usernames, passwords, Social Security Numbers, financial data, or credit card numbers. However, the breach did lead to the exposure of sensitive information such as full names, medical records, dates of service, and lab results.
In response to the breach, Kaiser Permanente has removed the implicated trackers and enhanced their data security measures to prevent similar incidents in the future. Kaiser told Reuters it has not identified any misuse of the data. The breach is part of a broader issue highlighted by the FTC regarding the use of third-party trackers in healthcare and other sensitive areas.
Ted Miracco, CEO, Approov Mobile Security had this to say:
“Healthcare apps often process and store highly sensitive data, including personal health information (PHI), which requires protection beyond the standard security measures provided by mobile operating systems. The incident with Kaiser Permanente illustrates the vulnerabilities that can arise from mobile applications with inadequate security and improper API usage.
“Healthcare apps frequently use APIs to interact with other apps and services, including cloud-based storage and third-party analytics. Securing these APIs is crucial as they can be exploited to access sensitive data. Solutions that manage API keys and monitor API gateways can provide an added layer of security by ensuring that only authorized users and systems can access the APIs. This data is a prime target for cybercriminals due to its value on the black market.”
The fact that the healthcare sector continues to be such a “soft target” for threat actors should concern everyone. Action needs to be taken to change that ASAP. Because as it stands right now, threat actors are having a field day at our expense.