I was just reading this article the other day about how organizations are going from a security fortress model to a micro service model. In the article it states that traditional IT build a wall around their infrastructure and have one drawbridge (gateway) into their network. This always for full control however it poses a challenge with flexibility in the current era.
For scalability, organizations want microservices or small portable applications that can connect with the internet of things. As the article states, Netflix and Amazon Web Services has perfected this which has allowed for their services to be interchangeable with devices and scalable from a resource perspective.
The article goes on by saying there is a new security model that allows for this type of environment and it’s called “Software Defined Perimeter”. From my understanding of the article, the security team does not care from which device the connection is coming from. Instead, if a user is able to access the software and provide valid credentials then they are authorized to use the software on that particular device. In terms of micro services, this means that the developers need to make sure the software is portable and the proven security controls can be portable with the software.
Sources
Fulton III, Scott. 2017, December 6th. Searching for the perimeter in cloud security: From microservices to chaos. Retrieve from http://www.zdnet.com/article/the-old-software-fortress-weathers-the-storm-of-supreme-chaos/.
Speak Your Mind