When participating in a security review, you’ll often be asked whether you give data to a third party, for example Microsoft. You may even be giving this data without knowing it. The data you give to Microsoft is known as telemetry—Canadian companies and individuals do it all the time. Telemetry is an automated communications process by which measurements and other data are collected at remote or inaccessible points and transmitted to a receiving equipment for the purposes of monitoring and analysis.
An easy way to think of telemetry is to think of the tools used by NASA when they send rockets into space. In order to ensure that the rocket operates properly, the goals of the mission are met and the astronauts return safely, all aspects of the health of the rocket in orbit must be monitored. How much fuel does it have? What is the rate of fuel consumption? Is the rate of fuel consumption remaining constant? The answers to these questions are transmitted to ground control. Over time, NASA has developed the ability to collect and transmit richer and richer data. This data is analyzed to ensure the safety of the rocket and crew and to quickly identify and prevent potential problems. The richer the data collection, the easier it is to ensure the security of the mission.
Another, much simpler, example of telemetry can be seen in smart home security systems. You can monitor the lock on your front door, your window blinds, and your furnace from a beach in Mexico. You invigilate these aspects of your home functioning to ensure things are running smoothly in your absence and to address potential problems the minute they might arise.
Telemetry works essentially the same way when it comes to IT and cybersecurity. In the IT world, telemetry is how data about your computer is tracked in operation from a distance. The elements that are tracked include but are not limited to:
Basic functions that allow for smooth operation such CPU utilization
Server load and availability
Disk space usage and memory consumption
It could also include metrics that might indicate security breaches
Telemetry can root out security risks by detecting anomalous activities from data collected from networking tools and devices. The more data that can be collected and monitored, the smoother the system will operate and the higher the level of security can be maintained.
Given that increased data lends itself to increased security, it is easy to see why data collection is now gold. Every single aspect of what’s going on in a computer is valuable to somebody, somewhere. Cortana, Microsoft’s virtual assistant, gathers up an enormous amount of information from your computer and sends it to Microsoft to be analyzed. Data collection has been around since the beginning of time, but it has reached an all new level of efficiency. Companies now know that achieving best-case outcomes is dependant on truly business-based IT monitoring.
Improving technologies can allow IT vulnerabilities such as server failures and network issues to be promptly addressed, more easily mitigated and, increasingly, reliably predicted. As a result, there’s a new venue opening for IT support services: end-user telemetry, which enables IT professionals to determine how users are consuming business resources, what type of IT issues they are experiencing and how it impacts the Canadian business bottom line. A recent study predicts that 60% of IT monitoring investments will include a focus on business-relevant metrics by 2021, up from just 20% in 2017.
Historically, business needed to depend on techniques such as user response surveys or self-reporting to get feedback on what applications are being used by staff or what functionalities are missing. By using telemetry, Canadian companies and their IT teams can see if apps are performing as intended, where the bottlenecks happen and where business-driven alternatives can be implemented.
Telemetry is valuable for predicting and mitigating potential IT vulnerabilities. However, it also can be used to identify cost savings or revenue-boosting alternatives and real-time insights into critical KPIs.