Why should you care?

Why do agile services move so much?

Because they can. It is no longer bound to the network, it sits at an abstraction layer away from hardware. The network is software defined, and by its very nature, turning our traditional enforcement point into an optional path. If you are not sharing an API to your devops team for accessing the network resources, applications, data, and users, then they will program it themselves. They may be great coders, and produce incredible services, but that doesn't mean they know infrastructure, but to be fair, of the many devops teams I have had the pleasure of working with, I am thrilled to say there is an intense focus on security. People are aware, and they want to be safe. They do not want to be exposed. But they are also heavily focused on applications, and already have a monumental job to do building out their new business offerings. So how about we, the security and infrastructure people who have been doing this for years, help out.

Question: Does your policy change control process have more then 10,000 objects and rules in excess of 200?

When do we acknowledge that we aren't really managing security at this scale, we are are just keeping up.

Then you start to realizing that the velocity of change you are facing, sooner or later, will simply overwhelm your change control process. Can you open a pinhole access across your existing policy enforcement in under 4 minutes? And when the service expires 10 minutes later, will you close that access and clean up your policy? If you come across some containers in your enviroment, you might have a need for this.

Are you experiencing any of the symptoms below:

  • Change requests for new business services have no idea what network configuration will be used, even though its ready to go online.
  • When pressed for network and port information from the service, the developers offer 'tags' or 'labels' about the service
  • Your company is using terms like 'agile' or 'devops' to describe upcoming projects
  • Software Defined Networks are appearing, and disappearing, each with a new name and feature
  • Your application layer uses terms like 'container' or 'docker'

Expecting new outcomes, while applying the same enterprise tools and measurements is where this get's complicated. If you could just start fresh, it would be much easier, but we have to be realistic here. New applications will need to access old data. Traditional networks will need to talk to software defined platforms, and not about IP. The API from Securing Labs is about bridging these two worlds, and doing it today. Right now. There is no reason your current infrastructure can't enjoy the benefits of cloud services, and there is no reason to sacrifice security for agility, or force a wholesale movement of existing services to become more agile.

Get ready to roll up your sleeves, and experience security in the devops world, as we connect existing security policy to agile enforcement, and build tomorrows security policy today.


Securing Labs

results matching ""

    No results matching ""