Security 2020 – “Intentional Security to accelerate digital business success”

Email inboxes around the globe are filled though January with a flurry of IT market and technology predictions. I’ve been guilty of writing them in the past but chose not to this year. However, a few people have nudged me and requested at least a summary or a few ideas on a few significant IT security areas to consider through 2020 (not predictions). One thing I can convey with certainty, is that fact we actually don’t know what will happen in the security arena moving forward, we can assume and theorise but don’t really know. The business and technology landscape has never been more uncertain, with well skilled and financed attackers (at times more so than the defenders) due to the potential for immense rewards. To that end organisations need to be aware, pragmatic, agile with effective security controls and actionable remediation strategies to help them deliver “Secure IT”.

So, what might happen

The “Windows 7” platform will be a highly targeted attack vector (whether embedded, full function or other). Whilst many users remain emotionally and operationally wedded to the now reliable and robust legacy operating system, the end of operating system support and patches for Windows 7 software platforms means enterprises as a minimum must evolve away from Windows 7 to Windows 10 or to another secure and supported operating environment. If a move from Windows 7 cannot be undertaken in a timely manner, compensatory controls for example the use of virtual patching may add a layer of defence but that will very short lived. A move from the Windows 7 operating platform is the only outcome to maximise user and system security.

Next up, “connected things”. IOT is the collective term frequently used to describe connected devices, often without an interface for human input but “connected things” collect, process, transmit and sometimes store data. The sheer volume of connected things increases the security challenge with defenders requiring real time visibility, always on controls as they seek to minimise or eliminate the potential for attack. To make matters worse, many of the “things” become invisible to the human eye hidden in ceilings, behind walls or embedded in other devices. But they remain highly visible to attackers are easily located with simplistic scanning tools and can be used to launch highly damaging attacks (or as a beachhead to enter a networked environment). Visibility visibility visibility is everything – you can’t secure things you cannot digitally see. Connected device visibility platforms or advanced NAC systems help to determine the type, status, behaviour of all connected devices. This allows them to determine posture, grant and revoke access, supply data inputs to asset and CMDB databases but more importantly to help organisations to create and maintain a baseline of “normal or known good security”.

And last but not least, “the human vector” remains a key consideration in 2020. Un-informed users have the potential to become the weakest link in the security chain, but informed, engaged, security conscious users become one of the most significant elements of optimum security. Users have the power to make intellectual and dynamic decisions, interpreting situations in a way technology based controls cannot. With users as educated, security advocates and technical security controls working together in harmony, end to end optimum security becomes a reality not a dream.

As a recap, to maintain a security by design and by default in 2020 for users, business & consumers, three areas will be high on my list:

  • Acceleration of the move from Windows 7 (or to secondary compensatory security deployed if a platform move is not possible)
  • Optimum visibility of connected things (traditional connected devices and IOT) to ensure they can be located, patched, secured.
  • Inspirational education of “the human” to intentionally become the strongest security link in the digital chain.

Through 2020 we must strive to make intentional security simple to consume, manage, operate and EFFECTIVE. This will help users, organisations and the industry to shift the current mindset and position security positively as the essential enabler of the digital world. Its time to start now, start today.

Until Next time.

Colin W

Business Line CTO Networking and Security – Computacenter UK

Twitter: @colinwccuk

A New Wave of Notebook Innovation

Intel have for decades enjoyed near total domination of the Commercial PC market, providing the core components – CPUs and Chipsets to the OEMs and to their credit have continued to innovate. As they add more features and improve the performance of their silicon platforms enabling OEMs to innovate their PC design by making them thinner and lighter, there’s a feeling that this still doesn’t address the ever-increasing User Experience demands.

With the proliferation of consumer devices in the modern workplace (smartwatches, smartphones, tablets etc) there’s a concern that so much choice can both distract and even overwhelm users. The lack of time spent un-interrupted by these ‘skinny’ clients, whilst providing unrivaled connectivity can become a distraction to those who simply need to focus and concentrate on our business tasks. Research suggests that even in the face of so much choice the notebook PC continues to be the main go-to business device. During 2020 it is predicted that the ‘Millennial’ generation will become the dominant demographic group in the workforce. What organisations like Intel therefore need to ensure is that the needs of this generation are being addressed by their future technologies. Unsurprisingly the ‘User Experience’ and usability will play a big part.

User Experience Targets

Based on the User Experience targets above, I think it is safe to say that the notebook PC as a device is not going anywhere, but its usability and the experiences you get from it can be improved upon.

Intel recently released a high-level blueprint of how they and the PC OEMs are looking to deliver these experience improvements to users; its known in the industry as Project Athena.

Project Athena – Laptop Innovation Rooted in Human Understanding

It’s worth noting that Project Athena is a 2-3 year view so it’s not about dropping in a ton of new technologies in one hit, but we are already seeing some encouraging progress.

Project Athena focuses on three main areas – Always Ready, Adaptive and Focus.

CPU chipset efficiencies will continue to drive improvements in battery life but inbuilt AI capabilities will also help with this – The much heralded 5G and WIFI 6 or AX standards once they arrive ‘en masse’ and have greater coverage are expected to not only deliver faster speeds but be much more robust and reliable due to the increases in the available spectrum they operate in. 

The 2-in-1 form factor which is the touchscreen notebook with near 360-degree hinge continues to gain share from the traditional simple clam-shell device as it offers the best user interaction – touch, pen, keyboard. 

AI is going to play a part in improving such areas as voice recognition and enabling ‘Do not disturb’ features to ensure outside distractions are kept to a minimum. Monitoring when there’s a reduction in user interactions will enable the device to intelligently reduce or suspend power-states to those parts of the sub-systems that are not in use. This will result in power saving and improving battery life. 

A more ‘Tablet-like’ experience in a package that delivers enhanced performance is the target with features that include a < 1 sec from lid up to login time, whilst utilising Intel’s next generation mobile CPU core technologies. Persistent memory provided by Intel’s Optane technology also plays a big part in improving performance and decreasing wait times.

Whilst Project Athena maybe a 2-3 year vision its far from being pure ‘vapour-ware’ today. HP Inc has recently announced the first to market Athena v1 commercial product with their Elite Dragonfly notebook.

All notebook PCs that conform to the Project Athena specification will feature the Intel distinguishing label, shown to the right.

The design criteria from Intel to conform to the Athena standard is expected to evolve as the supporting technologies develop. Version 1 is believed to be based roughly on the following target criteria – 

  • Chassis Design – 15mm Z height (allow 17mm this year under right conditions)
  • <1 second from lid up to logon
  • No performance degradation when unplugged from power cord
  • >16 hours of battery in video playback mode
  • >9 hours continuous intensive browser usage
  • 4 hours of battery charged in 30 mins

The Benefits of Project Athena

With the goal of Project Athena being to drive the next wave of innovation into notebook PCs we can expect to realise the following benefits and improvements over traditional Notebook PCs –

  1. Improved productivity and User Experience
  2. Usability – All day battery-life with rapid charging and intelligent use of AI
  3. Connectivity – Provided by Thunderbolt 3, WiFi 6 and 5G 
  4. Performance – Latest CPU and next generation Optane storage
  5. Design – Thinner, lighter designs that feature multiple input methods
  6. User satisfaction – A more responsive ‘without delay’ user experience

What Next ?

The other leading commercial PC OEMs are expected to follow HP Inc’s lead in releasing Athena v1 class devices so I would urge you to take a look at the Dragonfly to judge it for yourself. 

Contact your Computacenter Account Manager to find out ways we can help you understand more about Project Athena.

Future Workspaces – intelligent and personal

Last week, Citrix announced their revamped Workspace app had made it to general availability. The release brings with it our first view of personalised workflows, showing how they have integrated last year’s acquisition of Sapho and gives us a clear view on how Citrix see the future of the workspace and ITs role in delivering business value. So why do Citrix and others believe this is so important? What benefits will it bring your users and ultimately your business.

Strap lines offering the ability to access to applications, desktops and data from anywhere no longer garner much interest. We’ve been saying it for so long that the Leonard Rossiter Cinzano reference is almost entirely unknown to the audiences that I present to and I have promised never mention it again. The problem users are wrestling with now is managing the bombardment of information that they now receive from an increasing number of platforms that were meant to make our lives easier. Citrix Workspaces approaches this by filtering relevant information in their Intelligent Feed and using personalised workflows that can automate complex tasks across multiple applications into a single click. Solve this ‘Digital Interference’ problem and you go a long way to making the user experience better and so ultimately more productive.

By 2021, IDC Predicts that 60 percent of Global 2000 companies will have adopted a future-workspace model — a flexible, intelligent, collaborative virtual/physical work environment. That seems to support the move to unified endpoint management delivering fluidity across devices and the reduction in reliance on the operating system, even from Microsoft. At the launch of the new Surface Duo and Neo back in October Satya Nadella said, “The operating system is no longer the most important layer for us”. It’s obviously a multi-billion-dollar business, so still quite important, but their future will be in the applications and services they deliver. As well as the APIs they produce to enable other software vendors to integrate with them.

So, what does this mean to users? Booking time off for many people means SAP. Opening a web page, logging in (not forgetting this requires a different username and password from your windows one), navigating the menus to the right area and requesting the dates you want. Closing the page, checking emails to see it’s been approved, noticing that a team member has requested their own holiday that you need to approve, back into the web page you go. Now what if that process could be provided via a micro app? You never need leave your workspace, never need to re-authenticate. Any approvals you need to do are also presented in here. As your Workspace is independent of device approve them from your phone on the way home. This is one example. Citrix Workspaces have integrations into hundreds of Enterprise applications. If they don’t, you can create your own.

It would be remis of me to talk about workspaces without mentioning VMware. Workspace One Intelligence has the same data-driven ethos to focus information for you. It allows the ability to automate processes that you find yourself doing repeatedly and has created an impressive eco-system of security vendors that can integrate to offer the Zero Trust architecture that will be key to securing an increasingly diverse device estate. I’m sure it won’t be long before Microsoft enter this market as well. The next iteration of Microsoft Teams could well deliver that. Whichever vendor you choose to deliver your future workspace with it’s clear that this is another change in the role of IT. One that continues to morph from worrying about locking down and controlling what users can do to one that needs to understand the business and work with users to deliver what they want.

Many of our customers are still wrestling with the challenges of delivering and keeping supported on Windows 10. To them, I’m sure, talk of the operating system becomes less relevant will seem like an oxymoron but once the dust has settled on Windows 7 your people will be working in the same way they always have. ‘Digital Interference’ is a real problem in all our working lives. These workspace solutions will start to solve that and hopefully in the near-future rather than a distant one.

10 benefits of doing an apprenticeship

Earlier this week, we were lucky enough to be joined by some of our fantastic apprenticeship partners in hosting an Apprenticeships Roadshow at our Hatfield office.

The event was hugely successful, providing a great opportunity for staff who are interested in developing their skills to meet with our apprenticeship experts.

Following on from this fantastic event, we take a look at some of the many incredible benefits of doing an apprenticeship.

What is an apprenticeship?

Apprenticeships are a form of learning that combine study with a full time job.

While studying for a formal qualification, you’ll gain valuable experience and skills by working in a real job for a real company. From here, you are able to progress onto the next stage of your chosen career.

Who can apply for apprenticeships?

Despite the common misconception that apprenticeships are only available to people of school leaving age, they are actually open to those aged 16 or over living in England and not in full-time education.

Entry requirements for apprenticeships

Each apprenticeship opportunity is different, and vacancies will specify the different entry requirements and professional qualities that your employer is looking for.

Remember to check the job description to ensure you have the necessary skills that are required.

What are the benefits of apprenticeships?

Apprenticeships can often be seen as being for people who ‘didn’t do well at school’ or can’t get into University, but this couldn’t be further from the truth. They are a fantastic way to learn new skills, grow as a person and give yourself a brilliant start to your career.

Let’s have a closer look at some of the many benefits of enrolling in an apprenticeship:

1. Earn while you learn

Doing an apprenticeship is a unique opportunity, allowing you to start earning your own money, while also expanding your knowledge and helping you learn plenty of new skills.

While you may start out on minimum wage or a basic rate of pay initially, your employer should review this as you progress through your employment with them.

2. Discover new passions and interests

You’ll be learning every day, and with this comes a fantastic way to discover new things that might interest you.

It’ll also help you decide if your chosen career path is actually right for you or not.

3. Gain real life experience

In a recent study by UCAS, one third of employers felt that job applicants did not have a satisfactory level of knowledge about the job they’ve applied for.

Working in your role will equip you with invaluable knowledge and experience that will set you apart from other applicants for future job roles, who may not have these same skills.

Academic achievements are absolutely wonderful, however where some may have a degree, apprentices have real life exposure and an increased understanding into the day to day of your chosen job role or career path.

4. Get valuable qualifications

At the end of your apprenticeship, you’ll not only have work experience within an organisation, you’ll have qualifications too.

Apprenticeship qualification levels

There are different levels of apprenticeships that you can take part in, which are equivalent to the different qualifications you would receive if in full-time education.

Apprenticeship NameLevelEquivalent Qualification
Intermediate 2GCSE
Advanced3A Level
Higher4 and 5Foundation Degree
Degree6 and 7Degree

5. Start to build your professional network

You’ve probably heard the phrase “it’s not what you know, it’s who you know.”

This is often very true in the world of work.

Building your professional network can be a fantastic way to strengthen your career. It can be a great way to exchange ideas with others in your sector, can help to raise your own personal profile, and can open up a world of potential opportunities in the future be it job roles, speaking slots or freelance work.

Starting this early can be invaluable; you never know where a new relationship or connection may lead!

6. Increase your earning potential

Having a degree can be hugely beneficial in the workplace, however it isn’t the only deciding factor in how much you eventually go on to earn.

A recent study actually found that apprentices often earn more than graduates, with the amount apprentices earning over the course of their lives outstripping that of graduates by up to 270 percent!

7. Receive one-to-one support

You’ll receive personal support from your training provider, who will be on hand whenever you have questions, worries or concerns.

8. Improve your employability

Having an apprenticeship on your CV shows your potential future employers that you’ve got the necessary skills to complete a qualification while juggling the responsibilities of a full time job.

It shows your dedication to your chosen field and your ability to build knowledge from the ground up.

9. Make new friends

Apprenticeships are a great way to meet new people and make friends with people from a range of different generations, backgrounds and cultures.

10. Develop as an individual

As well as earning a wage and learning valuable skills, an apprenticeship will also help you develop as an individual.

A successful apprenticeship programme will help increase your confidence, give you more independence and improve your understanding about yourself and how you work. Your communication skills will develop along with your time management and relationship skills.

Apprenticeships at Computacenter

Our apprentice numbers have grown from 5 to 70 in just over two years, with each individual developing their knowledge and gaining qualifications through work based learning. We offer apprenticeships throughout the UK, and have a real passion for developing young people in our business.

You can choose between a variety of different entry options depending on your level of educational achievement and abilities. With dedicated staff and structured programmes available, there is no better time to become an apprentice at Computacenter.

Apply for apprenticeships at Computacenter

When was the last time you took a memory test?

Despite the proliferation of devices now available it’s good to see recent surveys showing the continuing relevance of the humble PC.

One such recent Intel survey questioning the ‘Importance of the laptop’ concluded that over 80% of respondents agreed with the statement – “I often use my computer when I need to get things done that matter” and a further 70% agreed that – “I feel that the time I spend on my computer is time well spent”. It’s results like this that endorse that the PC is still, in the main, the preferred weapon of choice for productivity and getting the work done for most people.

The business tasks and workloads we ask our PCs to deliver continue to increase. More and more multitasking as well as numerous applications running in the foreground and background are in danger of making what is an essential work tool slow down our productivity and detrimentally impact our user experience. 

Whilst silicon manufacturers do a fantastic job evolving their CPUs to keep a pace with our growing power-hungry requirements, we have started to see other aspects of the system becoming more of a bottleneck to performance. A number of years ago it was considered a big advancement when IT decision makers started realising the benefits and approving the use of Solid-State Drives (SSD) over the traditional ‘spinning’ Hard Disk Drives. Whilst SSD does indeed offers greater performance over its spinning rival they still lag behind the performance of their volatile memory DRAM cousins that make up the PCs main system memory.

Introducing Intel Optane

To increase the performance of the SSD, Intel has developed Intel Optane Memory H10 with Solid State Storage. Conceived originally as a Datacenter technology, Intel has created a single drive device that combines Optane memory and their high-speed SSD (QLC NAND) technology. 

Products based on Intel’s Optane technology represent a different approach to the traditional SSD. A unique characteristic of Optane is that the memory is significantly faster than that used in current NAND SSD drives. Unlike DRAM or main system memory, Optane is Non-volatile which means data written to it will remain even after the PC re-starts. 

Despite the Intel Optane Memory H10 with Solid State Storage solution consisting of both an Optane and NAND SSD memory the user only sees a single HDD. Behind the scenes Intel have an intelligent memory controller and their Rapid Storage Technology driver which is where the workload optimisation takes place. The drive constantly monitors how the user works on a daily basis – which applications are used most, or data is accessed most frequently. These common tasks are then moved dynamically into the higher performing and optimised Optane memory. 

What are the benefits of Intel Optane?

Users are rarely working with only one application at a time so demand systems that can cope with their multi-tasking needs. Even those users that may not think they are multi-tasking with applications typically are due to the increased number of background tasks being run. User experience remains a challenge, and this is where Intel Optane can help by providing: 

  • Improved performance – A more responsive PC that reduces time spent waiting for thing to happen.
  • Security – Support for industry standard encryption, including secure erase. 
  • Ease of use – Despite there being two components, the user and IT support will only see a single storage device.

By utilising Intel Optane, organisations can continue to benefit from today’s demanding applications whilst allowing users to get more work done faster, improving both productivity and user experience.

Intel Optane in Action

Adding more system DRAM memory to a PC has long been the popular choice in attempting to increase its responsiveness, but with Intel’s claims of roughly 2x performance increase over a standard SSD, an Optane enabled SSDs could offer a better option for increasing performance and ultimately the user experience.

The graph below highlights the potential performance gains of Intel Optane when considered as an alternative approach to doubling up on system memory.   

Intel Optane Memory H10 with Solid State Storage options is currently available in the following capacities – 

  • 256GB SSD featuring 16GB of Optane memory
  • 512GB SSD featuring 32GB of Optane memory
  • 1TB SSD featuring 32GB of Optane memory

What’s next for Intel Optane?

The leading PC manufacturers are already including Intel Optane storage options and configurations on the majority of their latest commercial products.

If you are looking to add additional DRAM in the hope of increasing PC responsiveness and performance, talk to us about how you can test the Optane technology for yourself as it is likely to deliver an improved end user experience… and who doesn’t like happy users.

Windows Virtual Desktop – Why VDI? Why now?

In a previous blog (April 2019) , while Windows Virtual Desktop (WVD) was still in Beta, I explored its features and debated the importance of this move by Microsoft into the world of virtual desktop infrastructure. Computacenter has been working with Microsoft and tracking the development of WVD through Public Preview and General Release.  

In this blog I will explain:

  • Why you should be interested in it?
  • What it means to other vendors?
  • How can you know if WVD is right for you?

Why should you be interested in WVD?

From the initial excitement of virtualising desktops, born from the success in the server world, VDI has remained at 10-20% of the desktop estate of large organisations. From the premise of everyone should have one, we now focus on specific use cases where the benefits stack up.  With WVD, Microsoft are focusing on three scenarios:

  • Replace/migrate on-premises virtual desktop deployment

At some point you’re going to need to refresh your existing virtual desktop infrastructure which will be both timely and costly. With many companies boasting a ‘cloud first’ strategy and an ongoing modernisation of application portfolios, migrating those workloads must be considered.

  • New Windows virtualisation

The experience of using and managing virtual desktops has become significantly easier in the last few years, whilst the challenges of effectively maintaining physical desktops is arguably becoming harder. Whether it’s a tactical workload like third party access or something more strategic the ability to pilot and develop on a cloud platform removes a lot of initial investment.

  • Windows 7 end of support

There will be organisations out there whose Windows 10 plans are being hampered by problematic Windows 7 applications. Migrating those workloads to Azure will give you the extended support needed, and so time, to allow that final remediation to take place. From a compliance point of view, it’s certainly a better place to be.

Single versus multi-cloud strategies

The main alternative to desktop virtualisation is giving people a laptop but let’s assume you’ve addressed that and your use cases for virtualisation are defined. If there is a limitation of WVD then it is its dependence on Azure. If that is an issue it’s worth remembering though that WVD is in fact two separate constructs; “broker” and “licensing entitlement”.

As a licensing entitlement you can choose to use Citrix, VMware, or a number of System Integrators offering turn-key DaaS solutions as the broker to those Azure desktops. The advantage, of those, being the ability to run workloads not just in Azure but on-premises and on other public-clouds from a single management plane. This could expand the number of users that could be included within scope. It also means that, perhaps, public cloud becomes your disaster recovery site of choice. Offering constantly refreshed hardware at a fraction of the cost while not powered on.

You also need to consider where your desktops reside based on the applications they need to access. With so many legacy applications hamstrung by latency sensitivity the proximity of the application and the desktop could be paramount to the user experience and, so, success of the project.

Assessing if WVD is right for your organisation

Whether you are new to desktop virtualisation or looking to transform an existing deployment, Computacenter would recommend the following approach

  1. Understand your business requirements and the needs of your users

Ensure you are clear on what WVD can deliver that physical machines can’t and match that to the needs of the business now and in the foreseeable future. Define your user workstyles at a conceptual level and use end user analytics to collect the empirical data that will help you understand which users are a good fit for WVD

  • Use proof of concepts and early user pilots to gain confidence and understanding

One of the most powerful aspects of public cloud is how fast you can be up and running. Test the scenarios you’ve identified and the applications that are in scope to confirm the user experience. Target users to pilot the environment and gain real-world feedback. Positive experiences will help gain momentum in the next phase

  • Build the business case and plan the deployment

Align identified business metrics to the capabilities of WVD. Baseline those metrics and be clear on how you can measure and so show improvement on them. Consider how ongoing application strategies may impact when people can be deployed and where their desktops should be placed.

Microsoft embracing desktop virtualisation is fascinating, and the long-term benefits for everyone must be a positive. Citrix and VMware have been talking about the benefits of public cloud for VDI for a long time, but few large-scale deployments have moved fully to it.  Many on premises VDI deployments were not deployed optimally, I think it’s fair to say, and if you were to do it again you’d probably do it differently. Public cloud forces you to re-visit those decisions both from an operational and a cost point of view. Re-visiting desktop virtualisation also forces you to look at the use cases you are supporting and re-evaluate them. Are you supporting how your users and the business wants to work or making them work in a certain way due to the technologies you’ve implemented?

Desktop virtualisation offers capabilities that physical desktops cannot. Public cloud offers benefits that are hard to achieve on premises. Neither will bring success though if the right users and workloads aren’t identified.

Let Computacenter help you decide if WVD can benefit your organisation.

Are you ready for the app attack? How a Zero Trust approach can help prevent security breaches.

In this blog, we look at how taking a Zero Trust approach to developing and provisioning apps can help to prevent security breaches.

Simon Minton Graphic

Guest blog from Simon Minton, Global Cyber Security Advisor at Cisco

The security threat of using apps 

Sharing meeting notes. Processing customer transactions. Logging expenses. Signing contracts. More and more business processes are getting the app treatment. And that means more and more data is being exposed to potential security threats.

How businesses are using the cloud

To ensure apps deliver on stakeholders’ agility and efficiency expectations, organisations are increasingly using the cloud to provision functionality to users both in the workplace and beyond. Apps aren’t just being provisioned via the cloud; they are being developed in the cloud too – and that introduces another layer of complexity and risk.

Cloud-native development enables organisations to build and update apps quickly. But the speed at which apps evolve can result in security being overlooked – especially as organisations increasingly bring application development back in-house due to its strategic and competitive importance.

security threat when using apps

Join the DevSecOps revolution

The need to balance security with agility has given rise to a new operating model in the app development world. DevSecOps isn’t just about adopting new processes and tools; it’s about adopting a new mindset in which everyone in the app lifecycle is responsible for security – whether they are a developer, a business stakeholder or a user.

What is DevSecOps?

DevSecOps shifts security from a bolt-on activity late in the process of application development, when much of the architecture has already been defined, to a fundamental part of the design, build and continuous delivery.

In order for DevSecOps principles to take root in an organisation, developers need to be encouraged to take ownership of security, much like they are incentivised to develop metrics around application availability and performance.

using devsecops in organisations

Reducing the impact of data breaches when using apps 

Most data breaches occur from two interlinking scenarios; an exploitation of either the application itself and/or exploitation of the infrastructure hosting the application. Several recent high profile breaches occurred because of a misconfiguration of the supporting cloud infrastructure. The shared security model adopted by all cloud providers puts the onus on its customers to ensure that cloud services are properly configured.

Ensuring developers and IT security teams work together to proactively remediate misconfigurations in an application or infrastructure can help to reduce the impact from an incident or breach. Data analytics will be increasingly important for both teams when pinpointing application and cloud misconfigurations as well as malicious activity.

Monitoring solutions that leverage machine learning and behavioural modelling can provide visibility of activity not only on the network but also within the development environment and across cloud resources – which can act as an early warning of a potential security breach on an app or within the broader ecosystem.

For example, Cisco Stealthwatch collects and analyses network and cloud telemetry and correlates threat behaviours seen locally within the enterprise with those seen globally to detect anomalies that might be malicious.

To trust or not to trust?

Advanced threat detection solutions can also help to identify policy violations and misconfigured cloud assets that could compromise the future security of an app. But visibility into potential app vulnerabilities needs to go one step further.

With internal and external developers increasingly using internet-based open source elements, such as software libraries, to accelerate time-to-market, apps have become a patchwork of unseen – and often unknown – components. All of which could introduce unexpected risks and dependencies.

Around 80% of an enterprise application is created using open source software libraries downloaded from the internet. Organisations often have very limited understanding of the risks inherent in these libraries or lack the policies needed to remediate known vulnerabilities.

developing apps with zero trust approach

Adopting a Zero Trust approach to app development 

By adopting a Zero Trust approach (where everything must be validated before it can be trusted) to app development, organisations will be able to identify potential security flaws much earlier. This will not only save time and money but also avoid reputational damage.

A Zero Trust approach can also be extended beyond the development stage to the entire lifecycle of the app. Users and devices accessing apps also need to be regularly validated to ensure they are not trying to launch an attack or steal data.

By getting smarter about how they provision and develop apps from the cloud, organisations will be able to protect thousands of employees and customers and provide a richer and safer app experience.