Development is often at odds with operations, and security is the multifaceted culprit. IT operations must ensure that fast application releases do not open security vulnerabilities.
Businesses emphasize speed, pushing IT to roll out more software releases than ever before. Under Waterfall and other methodologies, software releases are tightly controlled and spread out to one every few months. DevOps speeds up the release cycle, with some firms making hundreds and even thousands of changes daily.
Software applications are also larger to meet today's needs; some applications possess hundreds of millions of lines of code. Containers and DevOps create more modularity: Systems are broken into interactive components. The result is a growing number of interconnections, which can become vulnerabilities. IT security management tools must accommodate these trends in application architecture and deployment. A broad suite of cybersecurity tools, including those for configuration management and patching, helps IT operations meet those conflicting objectives of fast and safe.
Synchronize all systems
Securing IT applications is a multifaceted endeavor. Because there are more possible entry points for attacks, IT operations must place security checks at multiple locations.
Start with the network layer. Virtual LANs (VLANs) protect information at the data link layer (layer 2). VLANs take one large enterprise network and divide it into segments. While cybersecurity isn't the only benefit, segmentation enables an organization to place checks on network access attempts by systems and to isolate devices holding sensitive information from other systems.
Firewalls check transmissions as they enter and exit the network. While these products have been around for decades, businesses continue to invest in them; IDC found that firewall revenue increased by 10.4% in 2016. Barracuda Networks, Cisco, Symantec, Trend Micro and many other organizations sell firewalls.
Intrusion detection systems monitor device transmissions. These cybersecurity tools examine system interactions for anomalies that indicate an outsider is attempting to breach a system. For instance, a device repeatedly violates systems policies by attempting to gain security administrator credentials; the IT operations team alerted by the intrusion detection system must pinpoint the source and put checks in place to block them. AlienVault, Cisco, Fortinet and Juniper Networks are a few providers in this space.
Move up a layer
The move to web and mobile computing created new upper-layer security holes. Hackers breach systems at this level with various attacks, such as cookie poisoning, cross-site scripting and SQL injections.
Web application firewalls (WAF) are cybersecurity tools that function like traditional firewalls but focus on application-level code rather than network access. The cloud is prompting businesses to deploy security checks more widely. Gartner found that the number of businesses using cloud WAFs will increase from 25% now to 70% in 2020. Barracuda Networks, Cisco, Citrix, F5 and Fortinet are a few WAF providers.
Automation in the name of security
Routine maintenance -- or lack thereof -- creates another opening for attack. Verizon's data breach report found that 99% of vulnerability exploits in 2014 had patches more than a year old. And Gartner research showed that misconfigurations -- not vulnerabilities -- will cause 99% of firewall breaches through 2020. Stronger patch management procedures and tools ensure that such flaws are identified and remediated.
IT operations teams define formal policies and procedures that govern asset identification, status monitoring and auditing. Configuration management tools provision new systems automatically and ensure that consistent system and application services are delivered across various devices. When all systems work with a consistent security profile, it lowers the chances of one user working with outdated, vulnerable software.
Configuration management often works in conjunction with patch management. Tools such as Chef, Puppet, Salt and HashiCorp automate configuration and patch management processes. These tools help operations keep pace with rapidly changing security configurations.
DevOps dramatically increases the pace of IT application change. Consequently, it can be challenging to roll out new releases without compromising existing systems. Consistent configuration and patch management procedures for deploying application-level cybersecurity tools ensure that software enhancements are secure.
Why does a data breach cost so much?
The legal side of a data breach
Inside data breach settlements