Removing Technical Debt Supports Cybersecurity and Incident Response for SMBs

Technical Debt Limits Visibility Into Vulnerabilities

Legacy software and systems — and the teams that manage them — tend to be siloed, which makes incident response difficult. Businesses with limited visibility may have trouble understanding where a problem originated. The result is that threat mitigation can take that much longer.

“As threats evolve, technical debt becomes a roadblock,” says Jeff Olson, director of software-defined WAN product and technical marketing at Aruba, a Hewlett Packard Enterprise company. “Security protocols and standards have advanced to address common threats, but if you have older technology, you’re at risk until you can upgrade your devices.”

Upgrades can prove challenging, however. Without a high-level view of what’s been deployed and where, it’s difficult to manually patch every laptop, device or network endpoint, Olson adds. Unfortunately, this vicious cycle leaves vulnerabilities in place.

Reducing Technical Debt Must Be a Priority for SMBs

The first step to reducing technical debt is to act now, Olson says. “Sweating it out” for another two or three years will only make things worse. Waiting also stymies innovation, as reducing technical debt can help SMBs take advantage of advanced technologies such as artificial intelligence.

Businesses should start with a deep-dive gap analysis that identifies the legacy technology in place and the limitations it presents. 

The next step is prioritization, as not everything can be modernized overnight. Olson likens the process to triage: Businesses need to identify high-impact and high-risk systems, addressing the most critical issues first. 

“It needs to be a practical approach that enhances what you have and puts layers of security in place,” Olson says.

EXPLORE: Integrate cybersecurity and asset management to strengthen security.

Hyperconvergence Brings Security and Insight

It’s common for businesses, especially midmarket companies, to reduce technical debt by combining storage, server and networking infrastructure and managing it through a single software layer. 

The resulting hyperconvergence brings three immediate security benefits:

• Modern hardware is inherently more secure, whether that means the latest laptops or cloud-native servers. So are operating systems. “There are no hidden back doors,” Olson says. Automated security updates are much easier to manage than manual installations, as well.
• Converged infrastructure requires less hardware in fewer locations, which vastly enhances overall observability. There are fewer attack vectors to manage, and fewer point solutions are needed to monitor them. For IT teams, this means there’s a single user experience — and just one support number to call — which expedites time to resolution.
• Running a converged hardware platform improves application performance. This cuts down on work-arounds that can compromise security, such as sharing passwords instead of waiting for new logins to start up.

Infrastructure convergence also makes it possible to create a data lake for managed detection and response, especially at the network level, Olson says. That enables behavioral analysis of devices, which can be applied to policies for managing devices and can help detect anomalies.

For instance, there’s a baseline for where a connected device should be located, how often it transmits data and how much data it shares. If that baseline changes — or if, say, the device requests access to a certain kiosk — the IT admin can receive a suspicious-behavior alert and take the device offline before an attacker can move laterally through the network.

“You need modern infrastructure, with security built in at the network level, to take advantage of these powerful capabilities,” Olson says.