Is security restricting your function as a service?

April 2019 Access Control & Identity Management, Integrated Solutions

You can’t deploy functions without the right security credentials. And they have a pretty massive identity access management (IAM) overhead when you consider that they’re very useful for throwing together a bunch of business applications. These can range from processing the data from mobile apps, to stream processing, batch processing, extraction, transformation, loading (ETL) and more. Chat bots can also benefit from FaaS, as can Web apps, business logic, and IoT sensor message systems.

Tallen Harmsen
Tallen Harmsen

All of that IAM in the background can lead to a lot of ‘Access Denied’ exceptions. The developers know this, of course, so they’re only too happy to circumvent the whole messy fuss by using IAM credentials that go ahead and give the functions full access to the APIs.

That’s great because the functions, and ultimately the services and applications, work perfectly in the development environment. But it’s a gaping hole in your security when it goes live and it’s the kind of thing that security audits, particularly in highly regulated environments, tend to go beyond just frowning upon.

Security can be a real bottleneck in the FaaS environment that’s supposed to ultimately make spawning prototypes, products and services on request for agile, nimble, business flexibility a fast and super slick process.

FaaS is supposed to make it easier to implement and consume the apps and services businesses need to be competitive. Many are customer facing so you can’t have them ruin your customer experience. Nor can you have them expose customers’ identities and other sensitive records to hackers.

Frictionless security based on smarter, machine learning algorithms can return the ease of use, and the painless speed of deployment and consumption to FaaS environments. And it can keep everything safe at the same time because you can trust that your security protocols will be implemented and maintained the way they should because they’re no longer a mandated evil – they’re just adopted.

Smarter, frictionless security uses machine learning algorithms to ensure optimal data accessibility, that people and systems are authenticated and validated, that their behaviour is within acceptable and defined parameters, and that the functions can operate seamlessly without interruption.

Frictionless security today is not the same as single sign on. It’s a lot more than sign me on once then forget about me. Frictionless today means you or the system signs on then you’re watched, your behaviour observed against learned and mandated procedures. That eliminates hackers being able to subvert systems to their nefarious will or having their own code replicate automatically and lock down systems in ransomware attacks, for example. Just as the attackers operate at the speed of automation so does frictionless security and it shuts the hackers’ code down before it can spread.

But, most importantly, it eliminates the gate-keeping security checks that have previously been a fine balancing act for the developers. Those who aren’t circumventing those roadblocks just so they can get the job done as they face pressures of their own.

Smart frictionless security today ensures you can deliver the application functions you need to serve the business functions that matter without impeding employees, partners and customers.

For more information contact IndigoCube, +27 11 759 5950, ziaan@indigocube.co.za, www.indigocube.co.za




Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Platforms and community lead the future
May 2019, Milestone Systems , Editor's Choice, CCTV, Surveillance & Remote Monitoring, News, Integrated Solutions
Milestone Systems took a look into the future of open platforms and the power of community at MIPS EMEA in Copenhagen in March this year.

Read more...
The consequences of false alerts
May 2019, Leaderware , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Craig Donald discusses the impact of false alarm rates on the utility of intelligent security technology systems.

Read more...
Protecting people’s money, and their data
May 2019, Cathexis Technologies, CA Southern Africa, IDEMIA , Editor's Choice, Integrated Solutions, Financial (Industry)
The temptations inherent to the banking sector, and financial institutions more generally, pit them in an eternal and increasingly high-tech battle to secure themselves against threats from within and without.

Read more...
Access authentication with a wave
May 2019, IDEMIA , Editor's Choice, Access Control & Identity Management, Integrated Solutions, Financial (Industry), Commercial (Industry)
Financial organisations are making the move to contactless fingerprint biometrics in order to meet the increasing burden of regulatory and compliance demands.

Read more...
Does your control room add value?
May 2019, Fidelity Security Group, G4S South Africa, Progroup , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, IT infrastructure, Commercial (Industry)
Whether on- or offsite, control rooms are a critical aspect of security today and care must be taken in the design and rollout of these nerve centres.

Read more...
Face to face with Suprema FaceLite
May 2019, Suprema , Editor's Choice, Access Control & Identity Management, News, Products
Suprema has announced the launch of FaceLite, the new generation compact face recognition terminal designed for enterprise access control as well as time and attendance applications.

Read more...
ASSA ABLOY showcases latest digital access solutions
May 2019, ASSA ABLOY South Africa , Editor's Choice, Access Control & Identity Management, News
ASSA ABLOY hosted a breakfast at the Country Club Johannesburg in Woodmead on 2 April, to showcase the company’s latest and greatest digital access solutions.

Read more...
Keyless access control launched in Africa
May 2019, FS-Systems , News, Access Control & Identity Management, Agriculture (Industry)
FS-Systems launches a cutting-edge keyless access control solution for the critical infrastructure environment across the African market.

Read more...
Augmenting surveillance video
May 2019, ISDS , News, Integrated Solutions
ISDS is moving from its previous business model to focusing on being a value-added distributor and supporting its channel partners.

Read more...
LunarX targets high-end security solutions
May 2019 , Editor's Choice, News, Integrated Solutions
LunarX Consulting and Projects, a new value-added distributor of high-end security solutions, was launched at an event at Serengeti Estate in March 2018.

Read more...