UpGuard Blog

UpGuard’s Digital Transformation in 3 Waves

Written by UpGuard | Aug 9, 2016 10:48:40 PM

We’ve had the privilege to participate in many successful deployments here at UpGuard. Yet, despite our rapid delivery and metrics like time-to-value surpassing expectations, we found that some of our customers were having some trouble using our platform to move along the path of digital transformation. Sometimes a single feature is enough to convince an organization to invest in a piece of software, but our tack is more holistic. Our view of resilience, and the way in which we manage cyber risk for the enterprise, helps companies in any stage of their digital transformation build the necessary trust to push their business down this often-new and unexplored road.

We can still remember a time before companies were on the internet. As with any emerging technology, organizations adopted online transactions organically, with specific aims in mind, and as a complement to their primary, offline means of doing business. Digital transformation signals a paradigm shift: far from being a nicety or convenience, online business is replacing traditional mechanisms, so that companies can act and respond quickly, engage with customers in real time and offer a tailored experience not limited by physical location. These are tectonic shifts in the foundation of how business is conducted. For IT professionals, this often means doing more, faster, with less. Achieving such a thing can be difficult, but companies who do so successfully build more value, more quickly, and are more productive.

Transforming a traditional environment into the well-oiled machine contemporary online business requires means passing through three waves of assessment. These waves build on each other, creating a bedrock of data-driven trust, and should be approached sequentially for best results, which is why we often refer to digital transformation as a journey.

1. Discover

The first step of the journey is to gather consistent, actionable information on the environment so that future work is performed with full knowledge of the actual state. Trust without visibility means relying on assumptions for critical business processes. UpGuard offers unparalleled and advanced visibility into every node, helping organizations understand what they have, how it’s configured, where vulnerabilities lie, and how the components relate.

2. Control

Once you have full visibility into the actual state of your environment, you can begin to define good state. Trusting what you have is important, but the key is to define how things should be, and monitor the actual state for inconsistencies to that ideal. This involves change management, notifications, automatic runbook generation and other mechanisms by which previously invisible actions are made accountable.

3. Predict

Many organizations believe fortification is the first step of the process, but how can you begin to improve what you don’t understand? Only after discovering what’s really there and building a system of scalable, intuitive control, can organizations begin to effectively fortify. Third party security policies such as CIS check compliance against industry best practices. CSTAR aggregates the myriad of IT security data and business information pertinent to cyber risk into a single score, which can be tracked over time for performance or comparison to similar companies, or to help communicate IT need and status to non-technical business leaders.

This all sounds good in theory, but we found that in practice, we needed a better way to make clear the digital transformation journey in which our enterprise customers are engaged. For that reason, we rewired the navigation in our product’s web application to reflect the three waves of assessment, with sections now routed to one of the specific phases. This allows customers to keep track of which stage they’re working on and how their actions tie into the bigger picture of cyber resilience.

Under Discover, you’ll find everything related to node discovery, addition, scanning, grouping and management. Remember, a node in UpGuard can be anything from a server or network device, to a cloud service or public website. Because digital transformation is holistic, it’s important to account for every node.

The Control menu is where you’ll deal with policies, define what a good configuration state is, create policies, and manage integrations. For example, our integration with ServiceNow helps companies verify that planned changes are completed correctly and that unplanned change generates tickets, ensuring teams can trust that changes to the actual state comply with organizational standards.

Fortify gives you public standards like CIS to ensure best practice, as well as your CSTAR score – a unified, easily understandable numeric representation of your external AND internal integrity, compliance, and vulnerability posture to communicate your digital transformation journey to non-technical colleagues. Other reports available in this section help translate IT status to business risk, creating trust and communication between technical and non-technical stakeholders.

For current customers interested in getting the latest update and working with the new navigation, click the “update” button under “settings” on your behind-the-firewall appliance. For our cloud customers, you’ll find we’ve already updated you to the latest version the next time you log in.

The way companies approach digital transformation now will define what they are in the future. The trends of digitization and online business are still rising and organizations locked in traditional patterns of IT governance will be hard pressed to keep pace with businesses who have streamlined their infrastructure to account for the emerging paradigm. UpGuard is dedicated to helping you, our customers, to be wildly successful throughout this journey. Thank you for being part of the UpGuard family. We welcome your feedback and hope to hear from you soon.