What COVID-19 Teaches Us About Micro-Segmentation and Run-Time Cloud Workload Protection

This article outlines the similarities and differences between the COVID-19 travel ban, micro-segmentation, and run-time cloud workload protection. What COVID-19 Teaches us about Micro-Segmentation and run-time Cloud Workload protection.

This article outlines the similarities and differences between the COVID-19 travel ban, micro-segmentation, and run-time Cloud Workload Protection.

What COVID-19 Has to Do With Network Security

The Coronavirus has been the top celebrity of the year 2020. The world was and is fighting this pandemic and travel limitations are widely used in order to control the spread of the disease. While some say these restrictions are critical, others claim them to be ineffective and redundant. I am not an epidemiologist and will leave that analysis to the experts. I am, however, a software architect and cannot resist comparing travel restrictions to one of the most common ways of securing network architectures – Micro-segmentation.

In many ways, software malware and biological viruses are similar (that is why they are called computer viruses) - both try to spread in a network and infect as many subjects as they can. If we accept this simple analogy, micro-segmentation can make a lot of sense; it is the equivalent of banning incoming flights from China, and it is aimed at making sure that if some part of the organization is affected, the infection cannot spread to other parts of the organization.

The Similarities and Differences Between the Travel Ban and Micro-Segmentation

Just like travel restrictions, micro-segmentation has its pros and cons. It can be efficient in avoiding propagation of an attack throughout the network, but it comes at a price – it is hard to maintain and control, it needs to be constantly updated based on changes in the environment, and it reduces the environment flexibility significantly (think about the travel ban economic impact).

Micro-segmentation also has a major difference from travel bans – we cannot deploy it AFTER we know about infection, it is configured on a healthy network to prevent FUTURE infections. Think about it this way – what travel limitation would you put permanently, even if COVID-19 never existed, just to avoid a potential outbreak of a future virus? What ends up happening is that we use micro-segmentation to enforce service behavior, rather than to control proportion, and the question is whether that is the right tool for the task.

As we dig deeper into the analogy and examine some limitations we have in confronting the Coronavirus, we must ask ourselves whether the same limitations apply to cloud workloads and whether we can take better actions in our cloud environments than what is available for our governments in the Coronavirus case.

These are the key reasons governments must resort to travel bans:

• It is impossible to check each person before they enter the country – detection is not scalable
• Someone may show symptoms of Coronavirus without really being infected - detection is not deterministic
• There is a lag in time between infection and detection - detection is not immediate

kubernates devop cloudsecurity microservice

DevOps and Cloud computing are joined at the hip, now that fact is well appreciated by the organizations that engaged in SaaS cloud and developed applications in the Cloud. During the COVID crisis period, most of the organizations have started using cloud computing services and implementing a cloud-first strategy to establish their remote operations. Similarly, the extended DevOps strategy will make the development process more agile with automated test cases.

What is DevOps? How are organizations transitioning to DevOps? Is it possible for organizations to shift to enterprise DevOps? Read more to find out!

What is DevOps? What are the goals it helps achieves? What are its benefits? This article has answers!

The year 2020 has arrived, and its arrival brings a lot of innovations and transformations in the Information and Technology (IT) sector to DevOps technologies.

DevOps is supposed to help streamline the process of taking code changes and getting them to production for users to enjoy. But what exactly does it mean for the process to be "streamlined"? One way to answer this is to start measuring metrics.