GUEST REVIEW: Eager to accelerate innovation and gain competitive advantage, a growing number of Australian organizations are turning to cloud-native architectures and DevOps practices. The logic is that this will allow for faster development cycles and the ability to take advantage of new opportunities as they arise.
However, the resulting increased pace of software development cycles is putting pressure on IT security. Faced with tight deadlines, developers risk overlooking security or focusing on innovation at the expense of security.
Worryingly, according to a poll Per Threat Stack, 52% of companies admit to reducing security measures to meet business objectives, which could leave critical systems vulnerable to exploitation. This is because maintaining security is a challenging task and can add to the workload of already busy development teams.
One factor contributing to this complexity is the growing use of Kubernetes as a container orchestration system. Because it offers flexibility and a consistent code-based experience, Kubernetes has quickly become the platform of choice for developers.
The role of machine identities
When it comes to managing a Kubernetes ecosystem, a key source of risk stems from how organizations configure and manage machine identities. Every time a developer puts a microservice, container, or virtual machine into production, they must assign it an identity so that they can securely communicate with and manage that identity throughout its lifecycle.
The increasing use of cloud-based resources is also contributing to the explosion in the number of machine identities. Without consistent security standards and the appropriate tools to manage them, businesses risk becoming vulnerable to cyberattacks.
To address this issue, many companies are merging their development and security teams to form a DevSecOps capability. This makes sense in theory, however, with some reporting that the change is still not delivering the anticipated improvement in security.
According to research Conducted by Threat Stack, 85% of companies confirm that employing SecOps best practices is an important goal for them, yet only 35% say SecOps is currently an established practice.
Achieving DevSecOps Success
To enable a DevSecOps strategy to be successfully implemented, there are four key principles that must be followed.
1. Constantly monitor machine identities
With the pace of digital transformation increasing within many organizations, the number of machine identities that need to be managed is increasing. However, as many security teams are discovering, it is almost impossible to manually manage large volumes of digital identities without creating worrying security gaps.
A better approach is to make use of automation tools that can continuously monitor machine identities. This will significantly reduce security incidents for cloud-native workloads while ensuring that organizations can keep up with the speed of modern development and increased use of cloud resources.
2. Keep a consistent approach
IT teams within many organizations make the mistake of being inconsistent when managing machine identities. Using multiple tools and methods to initiate machine identity security can lead to confusion within teams. By clearly defining and communicating simple execution processes, teams can ensure that the way they initiate machine identity security is always the same.
3. Achieve visibility throughout the organization
With many IT teams deploying multiple containers every minute during peak periods, it becomes difficult to maintain visibility across the entire IT infrastructure. Issues that might be missed include misconfigurations in containers or the underlying Kubernetes infrastructure.
By introducing automation, teams can scan containers at every stage to identify their most common vulnerability and create a policy to remove it.
4. Use an application isolation strategy
To ensure strong security, it’s also important to make sure you isolate applications. This approach will reduce the impact of any cyber attack by ensuring that a compromised application is less likely to affect other areas of an organization’s IT infrastructure. It also helps limit the risk of damage to a system when new applications or features are released.
For the best security, IT teams should introduce container runtime scanning. Once a container is in production, put the proper mechanisms in place to ensure the container remains secure.
The power of following a DevSecOps strategy
Despite the potentially crippling impact a cyber attack can have on an organization, many development teams still see security as holding their progress back. Could not be farther from the truth.
By combining development and security following a DevSecOps strategy, it is possible to integrate security into the development process. This ensures that the required measures can be implemented from the start without slowing down the development process.
Preventing cyber attacks is critical for all organizations, and a DevSecOps strategy is a big step in the right direction.