At a recent Security Roundtable that took place at Search IT Operations, one of the topics discussed was when a company should migrate their IT security to DevOps. Should it only be when IT departments are understaffed and have to resort to technology policing itself, basically, or should it be used only when there is competent staff on hand to monitor it? Some argue that it is a much better choice, to be able to “set and forget” cloud-based security parameters, with only intermittent monitoring required by IT staff members who can then quantify and track other more “hands-on” areas of IT operations. Others say that a company’s IT security and cyber threat assessment shouldn’t be left to such an “abstraction”.
Choosing Hands-Off IT Security
Many in IT circles are discussing just what “DevOps maturity” means for their company data centers and networks. The arguments go back and forth – some in favor of having a cloud-based security watchdog which can detect and auto-filter out cyber threats and other data breaches, and some saying that it’s leaving too much up in the air by basically having machines watching the machines. It appears IT security pros are pretty evenly split, with some leaning more towards seeing the benefits of having DevOps “beyond the cloud,” and some “server huggers” seeing human-controlled infrastructure as the best basis for ongoing security in data networks.
Experts Weigh In
The benefits of Amazon Web Service’s CloudTrail allow server huggers and less hands-on IT department staffers to be able to log all kinds of information that a human just wouldn’t have the capacity or time to. said Sven Skoog, information security officer at Monotype Imaging Inc., a design firm in Woburn, Mass, had this to say about it: “There are a lot of metadata asset tag changes that indicate whether [an action] was employee activity or if [the system] was externally compromised, so I might like to have that information on record.” Mark that a “Yea” vote for the DevOps security tool. IT firm Alert Logic sees it slightly different, preferring the hands-on checker of “acceptable-use alerts” to handle being the watchdog, with “chief security evangelist” Stephen Coty commenting, “Ninety-nine percent of the time, it was a false alarm. But that 99% of the time, nobody knew I was actually touching the box. With CloudTrail, you know.”
DevOps “In the Cloud”
Recently-innovated tools have pushed DevOps in the Cloud to the viable stage of being an abstract, learning situation that can allow the cloud-based tool to scan and parse alerts and decide if they are sensitive or threatening enough to cause a shut-down of user permissions within a given IT network interface. Ever-newer models are allowing more and more IT departments to realize “hands-free security”. Many new-fangled terms are being tossed around to describe the novelty of abstract security, such as service-oriented architecture (SOA), modular computing, and Web services, but they all roughly amount to the same thing – leaving cloud-based security in its own hands.
Implications and Solutions
Whether you agree or disagree with “DevOps in the cloud” thinking, the fact is that you can use this issue as a litmus test for an IT services firm that’s cutting-edge. If you ask them about this and they say “Huh?” perhaps it’s best to move on to one that can get you closer to viable, hands-off cloud-based security. Intelice Solutions is the leader in providing managed IT services in Washington. Contact our expert IT staff at (301) 664-6800 or send us an email at Info@Intelice.com, and we will be happy to answer your questions.