Rebuilding enterprise security: Application modernization and the Premera hack

Application modernization can help organizations shore up data security

ninja ww 08

Security threats can be stealthy, but application modernization is an even stealthier way to protect organizational data.

Credit: Maria de la Riva, Leap

When word broke last week that the data belonging to more than 11 million customers, dating back to 2002, had been hacked at Premera, it occurred to me that IT is at a crossroads between the proliferation of customer-facing apps and the need for application modernization across the enterprise.

Standing at that crossroads (and a little bit exposed) is enterprise IT security.

Demand for customer-facing apps is exploding -- and it's driven as much by IT strategy as by business needs from Marketing, Sales, and HR. With increased volume comes increased complexity (hello, Big Data!), and with increased complexity often comes reduced control over security.

Further complicating things is the need for application modernization across the enterprise. Put simply, application modernization is the redevelopment of an existing software application to allow it to continue to be used by the business and to integrate with new systems.

Like rebuilding an automobile engine, app modernization can be an economical and efficient way of extending the life of the app. It's also in line with modern software development: in the age of SaaS, we tend to have a test-and-refine approach, rather than a rip-and-replace appetite.

Unlike rebuilding an old motor, app modernization is not always about extending the life of something that needs to be retired soon. Modernization also is a strategy for upgrading an organization's entire IT infrastructure, starting at the application level, and then going deeper when needed to address foundational issues that, in turn, support stronger application integration, deployment and management.

As companies need to push out more customer-facing apps, the need for a comprehensive security strategy never has been more acute. Take, for example, Premera's industry, healthcare: online portals to access health plan information, mobile apps for insurance claims, and integration with provider e-health information systems are increasingly standard features, rather than unique offerings from health plans that are early IT adopters.

Combined, these kinds of apps provide increased opportunities for direct customer engagement -- and increased risk of exposure to security breaches. Companies can help mitigate the risk by developing new apps as part of a modernization strategy that codes for security.

By tinkering with apps through the modernization process, organizations can uncover opportunities to rebuild the security of their IT infrastructure. Rather than just rebuilding the engine, they can replace the wiring and update the lines that connect the IT powerplant -- the software applications that bring the business to life.

This article is published as part of the IDG Contributor Network. Want to Join?

To comment on this article and other InfoWorld content, visit InfoWorld's LinkedIn page, Facebook page and Twitter stream.
From CIO: 8 Free Online Courses to Grow Your Tech Skills
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.