Zero Trust and DevOps are two paradigm shifts that will also radically change your cyber security. In this blog post, we will show you the extent to which these two approaches complement each other and the benefits you can reap from them.
The world's ongoing digital transformation is moving forward and profoundly affecting everyday life. The most visible effect is the evolution of end devices, from the classic company desktop computer, to corporate notebooks, to BYOD and tablets.
Simultaneously, we are seeing an evolution in the applications installed on these devices. Client-server architectures were the norm in the age of the desktop computer, but with the emergence of browser technologies, the majority of business functions disappeared from the end device (client) and were replaced by web portals. Today, part of the logic is being moved back to the client in the form of mobile apps and browser-based single-page applications. These apps are easily distributed and sold through app stores. The server is no longer called a portal, but a resource, and REST is the preferred protocol for interacting with these resources.
Operating models have also changed in parallel with the above. Today, computing resources are also used as a service, and companies are moving some or all of their IT services to the cloud. This involves losing some control over the infrastructure and its maintenance, as operational control is delegated to the cloud infrastructure provider. All this leads to newly emerging risks and threats to businesses, a need to redefine “trust” and a requirement to rethink cybersecurity.
In the beginning, the classic “castle and moat” approach was considered to be adequate to protect the internal network's perimeter, and everything and everyone within the internal network was accepted as being “trustworthy”. Best security practice today recommends an architecture that shifts access control from the perimeter toward services. This means that control over access is carried out by the application itself or by a security component located directly in front of it.

The question that arises is what security tools are best suited to managing the transition to a Zero Trust architecture. The Zero Trust concept is pretty recent and is an approach to cyber security that changes everything from the ground up. Rather than trying to protect a secure internal trust zone against malicious external attackers, Zero Trust stipulates that every single request is assumed to be untrustworthy until proven otherwise. We've already told you exactly what this means and why the switch to Zero Trust architecture doesn't happen overnight in an earlier blog post.
In the increasingly digital and software-based world, a company's success also depends on how quickly (and securely) services can be developed and delivered. DevOps can lead the way in this respect. DevOps is a second paradigm shift alongside “Zero Trust”. It presents a challenge to corporate structures, with separate responsibilities for networks, storage, operating systems and applications. This shift is hastened by the move to the cloud because all infrastructure operations are outsourced. Cloud providers are providing additional services to be integrated with applications and tools, enabling the development and automated installation of applications. Ultimately, the cloud provider facilitates the shift to DevOps by providing services that developers and DevOps can build upon in order to fully focus on implementing the business functions.
However, DevOps is also emblematic of a new culture where departments work together, whereas in the past they pursued somewhat different goals. Software development needs to be agile and creative, with its finger on the pulse of technological development in order for it to have the ability to deliver new features on an ongoing basis. Conversely, IT operations focus on stability, security, and reliability. Currently, DevOps is trying to reconcile this apparent contradiction between agility and stability. DevOps is a logical evolution of agile software development that aims to integrate the entire value chain in an interdisciplinary manner and to break down traditional silo thinking in order to ultimately deliver customers better, more reliable solutions.
The days of perimeter security alone are over. Zero Trust and DevOps require changes at the company level, as well as new tools like Microgateways to implement them. It also demands a lot of effort to migrate a large corporate network. Existing perimeter security solutions are not replaced. Their function is upgraded from performing just a routine role to occupying a strategic position in the overall defence system. The benefits gained by a company with Zero Trust architecture are enormous, both in technical and operational terms. This means that now is the time to launch the first project and take the first step towards Zero Trust. You are bound to find valuable information in our white paper – so embark with us on the Zero Trust journey.
As you can see, there are numerous advantages to following the Zero Trust and DevOps paradigms – a happy CISO and an agile deployment process, which in turn lead to a shorter time-to-market for innovations. But putting all of this into practice isn't straightforward, even if you have just one environment. In the coming week, we will show you how to do it using practical examples.