Is Your Security Scalable?

Author: Adam Cason
Date Published: 8 June 2020

The ability to scale infrastructure and systems to match growth rates, increased workloads, market demands and spikes is critical. This has been tested in recent months by the hypergrowth of video conferencing platforms such as Zoom and by the surge in online shopping and the associated delivery of goods, both driven by the “stay-at-home” requirements issued due to the COVID-19 pandemic.

For many organizations, particularly retailers or those that provide services to other businesses, business resilience during the COVID-19 pandemic has meant an exponential increase in transactions, requiring organizations to amp up their throughput and security at every level to account for the increase in volume. For example, a retailer may purchase financial processing technology based on its expected throughput (transactions per second). If a retailer suddenly has 10x the volume of customers, unless scalability is built in, there could be outages or slowdowns in payment processing. Unfortunately, this combination of factors can have a catastrophic effect on a business or financial institution. “Telecommunications, e-commerce, and financial services all have large digital adoption, financial information, and payments at the center of their online experience, and fared relatively well compared to other industries during the pandemic,” according to Melissa Gaddis, senior director of customer success for TransUnion Global Fraud & Identity Solutions.1

When building or upgrading enterprise cryptographic infrastructure in particular, organizations must prioritize scalable architectures and systems as a critical requirement for growing business environments. These principles are applicable to virtually all businesses, but, in particular, they apply to the “always on, always available” needs of financial institutions, retailers and Internet of Things (IoT) device manufacturers. Whether it involves high-volume financial transaction processing or issuing hundreds of millions of certificates, these organizations require security and an nth degree of throughput scalability—essentially, a high availability infrastructure—to handle the volume.

How to Accomplish Security Scalability

An organization’s infrastructure depends on security, performance and reliability. Two types of scaling can help:

  • Horizontal scaling—This is adding more hardware or machines to your pool of resources. This often involves increasing your data center footprint and power consumption to accommodate the additional devices.
  • Vertical scaling—This is adding capacity or unlocking additional throughput within existing hardware or resources. Often, no additional data centers are needed for installation, which means no additional expenses for rack space.

Vertical or horizontal scalability options depend on the needs of the particular organization. For example, horizontal scalability adds more hardware units to the environment, thus creating redundancy, which can help with disaster recovery planning. Vertical scalability does not require adding more hardware units to the environment, which keeps rack footprints and associated costs down.

Enterprise security infrastructure has unique elements that make horizontal scalability more complex. Growing in this manner is often not as simple as installing more hardware in your data center; rather, it involves synchronizing configuration settings and security policies, updating log aggregation tools and potentially even holding cryptographic key loading ceremonies that require multiple administrators to travel to the data center. For users of enterprise security technology with integrated clustering and peering functionality, this process can be automated. But for those without that ability, the process can be incredibly time-consuming.

Consider scalability as a function of disaster recovery. A good disaster recovery policy will account for service unavailability. What happens if you have a 2-data center ecosystem and 1 goes down? Hopefully, the other has excess capacity or can scale to meet the demand. Questions for organizations to consider:

  • Can scalability be accomplished through field-based updates if you are scaling vertically?
  • How does the cloud factor into your scaling needs?

Scalability is the primary selling point of the cloud. Hybrid environments are often used, wherein on-premises systems will take the primary workload and the cloud will be there to handle unexpected peaks.

We know that disaster recovery and business continuity plans are essential for natural disasters, man-made disasters, security threats, and outages, but for all too many organizations, readying for and anticipating a pandemic was not in the books. The influx of users, shoppers, and transactions has forced organizations to quickly react to handle increased pandemic-related business efficiently and securely. We talk about future-proofing everything: our security, our systems, our infrastructure, our investment, our scalability. When it comes to anticipating increased loads and capacity needs, ensuring scalable security should be at the root of an organization’s mission-critical infrastructure.

Adam Cason is director of product marketing at Futurex, where he is responsible for the company’s global go-to-market strategy, technical documentation portfolio, and engagement for customer and partner relationships. He is a subject matter expert in hardware security modules and key management with a strong technical background and deep knowledge of enterprise-class cryptographic ecosystems. Cason started his career at Futurex as a solutions architect, working closely with customers on product deployments, infrastructure analysis and system architecture.

Endnotes

1 Help Net Security, “COVID-19 Online Fraud Trends: Industries, Schemes and Targets,” 15 May 2020