The Value of Performance and Security
What is the real value of rich applications developed with performance and security in mind and why do we often realize far too late that we have lost something important?
Questions like this help us to realize what is going wrong and how to adjust our behavior to avoid expensive pitfalls. This post outlines the reasons why we realize that our investments in performance and security is often misplaced.
Before you have it
Our customers are in the driver seat because it’s their decision where to buy. A beautiful product presentation is one of many steps in the right direction but ff your site is loading slow at your customer’s point of presence the chance is high that they abandon using your services.
History has shown that we tend to ignore soft facts such as response time or application security. Security breaches due to application vulnerabilities occur each day and not acceptable response times are often on our day-to-day agenda. We work with slow systems in our professional job, we navigate on slow, and we get distracted from being focused on our intended tasks due to this slowness. Those of you who tried to speed up their applications, fix security issues at the root have realized that this is not a simple planning task. It requires experience, a guiding hand and trust of the management team before quick wins can be realized.
Drivers for the value of performance and security before we have it are
• Experience and Skills
• The wrong toolset
When you have it
Your teams put all their efforts into the tuning and optimization of your brand-new application. Critical performance hotspots have been fixed. Performance requirements are within expectations, performance assessments of new releases are in place which identifies hotspots and escalate those to developers.
Our reliable quality gate controls what applications get deployed to production. Well, such a high performance and security maturity level requires some investments which let you feel not appropriate if performance and security at production are running too smoothly. You can quickly run into a pitfall and cut down investments for non-functional aspects.
Drivers for the value of performance and security when you have it is
• Quality gate in place
• Hotspots have been fixed
• Response times are within expectations
• No IT security risks
After you lose it
For many reasons performance and security could quickly fall back behind other priorities and once you realized that massive slowdowns are impacting user experience, it’s almost too late.
Your teams worked hard and built rich applications. All medium and high-risk security issues have been fixed and page load times are excellent. There are no user complaints about slow loading websites. Operational teams have monitoring cockpits which display all key performance metrics. Deviations are immediately reported to responsible support teams which investigate the problem, identify the cause and request a fix for those performance hotspots from their development teams.
Priorities change once the application is deployed at production. There is no longer a DevOps team which is permanently analyzing and optimizing the new system. Data volumes grow, content changes and also the underlying infrastructure is often shared with more and more applications. All those changes draw an impact on end-to-end user experience and security.
According to research only 1 of 10 customers reports performance slowdowns. The remaining 90 percent gets frustrated and abandon using your services. You will even notice it when its already too late and your customers are frustrated and sales declines.
Drivers for the value of performance and security when you lose it are
• Gaps in the monitoring chain
• Frustrated users abandon using your services
• Image and Reputation impact
• Decline of sales
Proactivity and ongoing optimization are the best strategies to avoid running into a performance or security disaster. Validate performance and security early and often in your DevOps pipeline, fix issues as they have been identified, close technical depts and regularly check the reliability of your apps deployed at production.
For any questions concerning how to make performance and security part of your DevOps pipeline reach out to me.
Keep doing the good things!