Three Ingredients to Maintaining Application Performance and Security at Scale

Scaling a company, or even just a critical application within a company, can be as scary as it is exciting. For starters, you often don’t know when hockey-stick growth will occur. Even the largest companies can’t always predict when demand will take off. Take a healthcare SaaS provider, for example. The business most likely has well-laid plans in place for maintaining its application performance in the case of a sudden influx of traffic, but how easily can the resources be acquired?

To keep its system from falling prey to downtime, IT stakeholders must be part of a proactively designed strategy that’s ready to be deployed at a moment’s notice. Luckily, you can get well on your way to keeping performance and security intact while you scale by ticking three boxes.

Layer security to avoid bottlenecks

One of the common challenges of scale that I see often is when traffic exceeds the capacity of the network devices put in place, and they subsequently fail to inspect all of your traffic or block anything malicious. The result could be serious downtime and a gaping hole in your security while you upgrade resources in a hurry – which also happens to be risky. When you don’t account for growth when researching and implementing your security countermeasures, it's very possible that they will either cause a bottleneck in your network stack or – even worse – not protect all traffic, servers, or applications as you scale them. If frontloading your stack at the start is too cost-prohibitive or just not practical for you operationally, consider cloud options, which will allow you to scale up quickly as needed.

Deploying your security in comprehensive layers and making sure each one of your security measures can cover scaling potential is the best way to safeguard your data in the event scaling occurs. Evaluate and design these layers to be at their optimum level of efficiency, which will have the domino effect of safeguarding performance. Work to employ your firewalls, load balancers, intrusion detection devices, and other security layers so each piece complements another, and doesn’t bog down performance. Conduct regular audits on your security layers, and don’t forget the importance of testing. You can never check your infrastructure’s security pulse too often, and you can never test too much to guarantee strong performance.

Past performance trends can hold the key to future outcomes

You miss a lot if you’re only looking at what’s right in front of you, yet we see IT departments in perpetual reaction mode. You need to lift your eyes off the hood and anticipate what could be coming in front of you. If you manage infrastructure for an eCommerce business, you may routinely have a heavy week of traffic during a discount promotion, for instance. Try to gauge your future traffic spikes by appraising past surges, being cognizant of patterns, and anticipating future events, dates, or marketing initiatives that could catalyze a heavy load of visitors. Especially with eCommerce businesses, you’ll need to throw extra attention toward protecting your customers’ payment information while adding the resources necessary to scale. For example, virtualize new infrastructure in a way that makes it easily scalable right from the get-go.

Once virtualization is enabled, there are numerous pre-emptive scaling methodologies that can be employed, so you have a bit of work to do in deciding what best fits your particular needs. If you can reliably gather the necessary insight into future demands, then manual scaling may suffice. If your business isn’t covered at all times, every day, or experiences variable demand, an automated or scheduled approach to scaling can prevent a poor end user experience in engineers’ “off hours”. The latest scaling methodologies promise scaling without downtime. Whichever path you take, you have to plan ahead to have the right resources in place. This magic simply doesn’t happen on its own. The more specific you can get, the more protected you will be.

Craft a blueprint for business continuity

I know I’ve said this before, but protecting your business from single points of failure is truly imperative, and now with the cloud, more attainable than ever. In days gone by, mitigating localized, physical hardware problems and traffic bottlenecks meant an arduous procurement project to obtain more resources. Load balancing within a data center or setting up geographically diverse DNS hosting across multiple DCs are just two examples of the business continuity solutions available to equip your business, and many virtualized hosting environments come equipped with high availability as standard, so be sure to watch for it.

With layered security, fluid scaling, and basic blocking-and-tackling-style business continuity in place, you’re ahead of the pack. You won’t regret investing the time to lay the foundation for reliable application scalability. Create a basic plan, then extend it out to cover as many potential scaling scenarios as you can imagine.

Chris Hinkley is a Senior Security Engineer at Armor where he maintains and configures network security devices, and develops policies and procedures to secure customer servers and websites. Hinkley has been with Armor (previously FireHost) since the company’s inception. In his various roles within the organization, he’s serviced hundreds of customer servers, including Windows and Linux, and overseen the security of hosting environments to meet PCI, HIPAA and other compliance guidelines.