Now is the time for govt’s to address application sprawl


James Riley
Administrator

Sponsored: There has never been more pressure on governments around the world at all levels to deliver digital services effectively and seamlessly.

The ongoing COVID-19 pandemic has accelerated the shift to delivering government services online, and all agencies and departments are turbo-charging their own internal digital transformation.

It’s common, and often seems easier, to purchase more off-the-shelf solutions to help facilitate this, spreading services and internal agency operations across different applications.

This is often be seen as being a safer and more cost-effective way to operate, but experts argue that it is actually the opposite.

data centre
Application sprawl is a thing

This strategy can lead to application sprawl, with the ballooning out of an IT system or network with new applications and resources. This occurs across governments and in the private sector and can introduce additional risks and security vulnerabilities.

With the pandemic accelerating government digital transformation and more services being delivered digitally, now is the time for governments to get on the front foot and address application sprawl before it gets out of hand, according to Chrystal Taylor, Head Geek at SolarWinds.

SolarWinds is a US software company providing IT management tools for network and infrastructure monitoring.

The parallel growth in online service delivery and the increased targeting of government by malicious cyber attackers means agencies need to be doing everything possible to reduce the potential attack vectors.

Having more applications than necessary serves to increase the risk of a cyberattack, Ms Taylor says, and this also means it will take longer to respond if a cyberattack takes place.

“You can wind up with too many hands in the cookie jar,” Ms Taylor said.

“You’re adding risk by adding more unnecessary administrator accounts, and this is adding to the overall risk.”

Application sprawl also means there is a danger that agencies will not have access to all the necessary data in one place to effectively deliver services.

“I see it a lot with application sprawl – there’s this overlap and you’re missing out on data points and correlations between those data points,” Ms Taylor said. “You’re not able to see the forest for the trees.”

The first step to addressing application sprawl is in conducting a comprehensive audit of an agency’s tech stack to get the full picture of the extent of the issue, what applications are in use and which ones need to be updated.

“It should be part of your regular maintenance tasks,” Ms Taylor said. “If you never do an assessment, you wind up finding things in 10 or 15 years, and those things haven’t been patched in so long and now they’re really vulnerable.”

There also needs to be communication within an agency on these issues to ensure siloes aren’t created, making it more difficult to work out what applications are in use, and which ones actually need to be in use.

There’s also an important role for automation to play, with the technology able to capitalise on efficiencies within an agency or company and complete the functions of multiple different apps autonomously.

“If you can automate that in any capacity, even if it’s just automating sending a report or something that small, you can save a large amount of time,” Ms Taylor said.

It’s a tricky issue to tackle, with simply adding more applications or services sometimes seen as the easiest or less risky option. But it’s important for individuals to step up and take the responsibility to take on application sprawl before it gets out of hand, he said.

“The more of these types of proactive actions you can take, the more risk you’re mitigating.”

While the pandemic has hastened digital transformation and improved the appetite for the delivery of government services online, this has also increased the interest of malicious cyber actors in these agencies, and the general risk of a breach.

Application sprawl can greatly increase these risks and create unnecessary vulnerabilities, while also slowing down an agency’s operations and costing more money.

The time is now ripe for agencies to get the full picture of where their tech stack stands and look to consolidate apps and update existing ones to mitigate this risk and deliver efficient services for all Australians.

This article was produced by InnovationAus in partnership with SolarWinds.

Do you know more? Contact James Riley via Email.

Leave a Comment