Businesses need modern observability techniques to secure their on-premises applications

By Gregg Ostrowski, CTO Advisor, Cisco Observability.

  • Thursday, 18th July 2024 Posted 4 months ago in by Phil Alsop

Much has been said and written about the need for organizations to adopt new techniques and solutions to protect their applications and infrastructure residing in the cloud. Accelerated deployment to public cloud-native technologies has led to a dramatic increase in attack surfaces, making it increasingly challenging for IT teams to protect applications from ever more diverse and sophisticated threats.

In response, IT teams have embraced cutting-edge full-stack observability solutions to generate unified visibility across their dispersed cloud-native environments. Organizations have integrated security into their observability approaches to identify vulnerabilities, understand root causes and apply fixes more quickly. And through observability insights, they’ve been able to get business context on their security findings, enabling technologists to understand the potential impact of security vulnerabilities within cloud-native technologies and prioritize remediation work based on customer and business outcomes.

The reality is, however, that most observability tools only run within cloud or SaaS environments - and therefore they’re out of reach for organizations maintaining on-premises applications. These organizations tend to be in heavily regulated industries such as federal or local government agencies, and banks and financial services institutions) - which are a major target for bad actors due to the amount of sensitive data they are handling.

Organizations operating on-premises environments urgently need new solutions to manage a rapidly evolving threat landscape, and to ensure that their mission-critical applications don’t suffer from disruption and downtime.

Fortunately, there is now a new breed of observability solutions which are delivering cutting-edge functionality within on-premises environments and helping IT teams to deliver secure and seamless digital experiences.

The big driver for on-premises continuing to play a dominant role in certain industries is regulation. In federal government, agencies are required to adhere to stringent rules, operating air-gapped environments, with no access to the internet. Agencies are navigating ever more complex regulations around the handling of citizen data across the public sector, and in industries such as healthcare and pharmaceuticals.

Elsewhere, within financial services, there are tightening regulatory requirements around data privacy and security. Major international regulations such as GDPR in the EU stipulate that organizations must ensure that customer data resides within the borders of the country where they are operating - again, severely restricting any potential to move applications that handle customer data into a public cloud environment.

In addition, on a more fundamental level, some organizations are choosing to keep their mission-critical applications and infrastructure on-premises because they believe this provides them with greater visibility and control. Business and IT leaders want to know where their data is always sitting and to manage necessary upgrades within their own four walls. This approach is particularly prevalent within the largest global enterprises which possess sensitive intellectual property (IP) - such as the big tech and semiconductor companies. They don’t want to put their most prized assets in the hands of external third parties - rightly or wrongly, they view this as too great a risk.

We’re also increasingly seeing organizations pausing or narrowing down their cloud migration plans amid ongoing concerns about the rising costs of cloud computing, as this trend is likely to continue given the challenging economic picture.

Whatever the reason for keeping applications and infrastructure on-premises, the challenge for IT teams is delivering seamless and secure digital experiences to end users - be that customers or citizen - at all times. Technologists need to be able to identify and understand availability and performance issues, and to detect potential security vulnerabilities in real-time to apply fixes and avoid any disruption and downtime.

And given the vast volumes of data that organizations are now handling within their on-premises environments, and the rapidly evolving threat landscape that they are encountering, many IT departments have recognized the urgent need to move beyond traditional application monitoring approaches.

Across industries such as federal government and financial services, organizations are embracing cutting-edge, self-hosted application observability solutions to monitor their most critical business systems, end-to-end.

Self-hosted observability - also referred to as customer-managed observability - includes on-premises deployments or cloud-based deployments where the organization retains control of all the data and associated operations. It enables IT teams to proactively manage the performance, availability and security of mission-critical applications and, in turn, to deliver market-differentiating digital experiences to their customers and users.

With observability, IT teams can access a unified view of their applications, infrastructure and data, enabling them to monitor, manage, and optimize applications in real-time. Observability can be integrated into the data center, while aligning to compliance, security, and operational policies.

Crucially, IT teams running on-premises environments need an observability solution which modernizes the installation of the on-premises control, building a modernized architecture running in a Kubernetes environment.

With a modernized observability control, organizations can benefit from the full range of full-stack observability capabilities which are available to organizations operating public cloud environments. This includes features such as AI-powered anomaly detection and root cause analysis, reducing the mean time to identify (MTTI) for application performance issues and speeding up troubleshooting through automated transaction diagnostics.

Organizations can also improve their security posture by implementing security solutions which enable IT teams to locate and highlight application security vulnerabilities with application context, and then leverage an automated business risk score that combines application intelligence and security intelligence, allowing them to prioritize their response by business impact. The addition of Runtime Application Self-Protection (RASP) enables organizations to defend the business from exploits that target application vulnerabilities.

With a modernized observability control, organizations can also manage and optimize availability and performance within their on-premises SAP environments, surfacing insights to address performance issues before they impact the business. Given the critical nature of SAP environments - where resilience is key - organizations can leverage AI-powered intelligence for the Java stack, enabling SAP developers and BASIS admins to ensure service availability, align performance with SAP business outcomes, and discover SAP related security vulnerabilities to mitigate risk.

Ultimately, organizations across a range of industries will continue to rely on self-hosted observability to manage business critical applications, and therefore it’s vital that they are able to benefit from the same level of AI-powered functionality within their observability solutions as businesses running cloud-native technologies. Only then will organizations such as government agencies and banks have the visibility and

insights, they need to optimize application performance, mitigate security threats and deliver exceptional end user experiences.

By Kashif Nazir, Technical Manager at Cloudhouse.
By Terry Storrar, Managing Director at Leaseweb UK.
By Manuel Sanchez, Information Security and Compliance Specialist, iManage.
By Peter Hayles, Product Marketing Manager at Western Digital.
By Richard Eglon, CMO, Nebula Global Services.
Anita Mavridis, VP of Product at Zivver, and Sue Musumeci, Director of Quality & Clinical Informatics at Chronic Care Staffing, explore practical...
By Graham Jarvis, Freelance Business and Technology Journalist, Lead Journalist – Business and Technology, Trudy Darwin Communications.
By Krishna Sai, Senior VP of Technology and Engineering.