Is security restricting your function as a service?

1 April 2019 Access Control & Identity Management, Integrated Solutions

You can’t deploy functions without the right security credentials. And they have a pretty massive identity access management (IAM) overhead when you consider that they’re very useful for throwing together a bunch of business applications. These can range from processing the data from mobile apps, to stream processing, batch processing, extraction, transformation, loading (ETL) and more. Chat bots can also benefit from FaaS, as can Web apps, business logic, and IoT sensor message systems.

Tallen Harmsen
Tallen Harmsen

All of that IAM in the background can lead to a lot of ‘Access Denied’ exceptions. The developers know this, of course, so they’re only too happy to circumvent the whole messy fuss by using IAM credentials that go ahead and give the functions full access to the APIs.

That’s great because the functions, and ultimately the services and applications, work perfectly in the development environment. But it’s a gaping hole in your security when it goes live and it’s the kind of thing that security audits, particularly in highly regulated environments, tend to go beyond just frowning upon.

Security can be a real bottleneck in the FaaS environment that’s supposed to ultimately make spawning prototypes, products and services on request for agile, nimble, business flexibility a fast and super slick process.

FaaS is supposed to make it easier to implement and consume the apps and services businesses need to be competitive. Many are customer facing so you can’t have them ruin your customer experience. Nor can you have them expose customers’ identities and other sensitive records to hackers.

Frictionless security based on smarter, machine learning algorithms can return the ease of use, and the painless speed of deployment and consumption to FaaS environments. And it can keep everything safe at the same time because you can trust that your security protocols will be implemented and maintained the way they should because they’re no longer a mandated evil – they’re just adopted.

Smarter, frictionless security uses machine learning algorithms to ensure optimal data accessibility, that people and systems are authenticated and validated, that their behaviour is within acceptable and defined parameters, and that the functions can operate seamlessly without interruption.

Frictionless security today is not the same as single sign on. It’s a lot more than sign me on once then forget about me. Frictionless today means you or the system signs on then you’re watched, your behaviour observed against learned and mandated procedures. That eliminates hackers being able to subvert systems to their nefarious will or having their own code replicate automatically and lock down systems in ransomware attacks, for example. Just as the attackers operate at the speed of automation so does frictionless security and it shuts the hackers’ code down before it can spread.

But, most importantly, it eliminates the gate-keeping security checks that have previously been a fine balancing act for the developers. Those who aren’t circumventing those roadblocks just so they can get the job done as they face pressures of their own.

Smart frictionless security today ensures you can deliver the application functions you need to serve the business functions that matter without impeding employees, partners and customers.

For more information contact IndigoCube, +27 11 759 5950, ziaan@indigocube.co.za, www.indigocube.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Balancing secure access control and fire safety
Editor's Choice Access Control & Identity Management Fire & Safety
In modern building management, few topics create as much tension as the intersection between security access control and fire evacuation safety. Nichola Allen of G2 Fire sheds light on this delicate balance.

Read more...
Securing water infrastructure for industry and community
Access Control & Identity Management Fire & Safety Government and Parastatal (Industry)
The Badirammogo Water User Association needed a solution that could secure remote sites, reduce reliance on physical guards, and ensure uninterrupted service delivery while remaining aligned with its values and long-term strategy.

Read more...
Integrated layers offer dependable security
OPTEX SMART Security Solutions Technews Publishing Perimeter Security, Alarms & Intruder Detection Integrated Solutions
A layered approach to security tightens protection and minimises downtime and operational risk. Moreover, integrating all the parts of a solution and proving they can do the job before spending money are critical.

Read more...
Disconnect between confidence in identity security and operational reality
Access Control & Identity Management News & Events
New FIDO Alliance and HID study reveals gap between identity security confidence and reality; 94% of enterprises claim they can revoke employee access within 24 hours, yet 35% experienced delays or failures in the past two years.

Read more...
Paxton Solo training available to security installers
Paxton Access Control & Identity Management News & Events
Following the launch of Solo, Paxton’s brand-new access control system, the security manufacturer is rolling out dedicated Solo training sessions across South Africa to support security installers working with the system.

Read more...
Controlling access for people and vehicles
IDEMIA STid Security Technews Publishing Editor's Choice Access Control & Identity Management Asset Management Industrial (Industry) Mining (Industry)
When it comes to access control, the security requirements of mines and the industrial sector are similar, requiring a layered approach that combines physical barriers, digital authentication, and continuous monitoring to protect personnel, assets, and operational continuity.

Read more...
Paxton launches new phone-based security system: Solo
Paxton News & Events Access Control & Identity Management
Paxton has officially unveiled Solo, a phone-based, cloud-hosted access control system. As part of the launch, installers can claim a free Solo starter kit from Paxton, allowing them to trial the system and see how it can work for their business.

Read more...
Taking control of IAM in the AI era
Access Control & Identity Management AI & Data Analytics
AI and Shadow AI are proliferating, creating a series of new risks for organisations. To gain control over who and what has access to corporate data, organisations need unified control over their entire environment.

Read more...
Impro announces Primo update
News & Events Access Control & Identity Management Integrated Solutions
Impro Technologies recently held a launch event in which it introduced a series of new products, from new readers through to its updated Primo access management software.

Read more...
If you cannot prove identity, you cannot claim security
Access Control & Identity Management Information Security
Cybersecurity planning for 2026 is a structural change in how attacks are executed and how trust is exploited, demanding that companies stop layering tools on top of infrastructure and instead prioritise intelligence and identity.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.