• 2022-10-06

Serverless computing has arrived, with security consequences

Jan 20, 2022

At least one-fifth of organizations (21%) have implemented serverless computing as part of their cloud-based infrastructure. That is the finding of a survey of 108 IT managers recently conducted by Datamation. Another 39% are planning or considering serverless resources. The question is whether serverless computing will soon reach critical mass among most companies. In addition, what are the security consequences? Existing on-premises systems and applications – you can call some of them “legacy” – still require more traditional care and feeding. Even existing cloud-based applications are still built around a more server-based development and delivery model.

This is what many companies are dealing with: even as they begin the transition to serverless models, they still need to manage a large number of traditional applications. Marc Feghali, founder and vice president of Attivo Networks, said that even if an application or system is in the cloud, it is still closer to traditional IT than to serverless. “Traditional IT architectures use a server infrastructure, which requires the systems and services needed to run the application,” he said. It does not matter whether the servers happen to be on-premises or cloud-based. “The application must always be running, and organizations must launch other instances of the application to handle more load, which is often intensive.”

Serverless architecture goes deeper than traditional cloud arrangements, which are still built on the server model. Feghali said that serverless is more fine-grained, “but focuses on having the infrastructure provided by a third party, with organizations only providing the code for applications that are broken down into functions managed by the third party. This allows the application to scale based on function usage. It is more cost-effective because the charge is based on how often the application uses a function, rather than on keeping the application running.”

How should existing or legacy architectures be phased out? Is it an instant switch or a more gradual migration? Feghali urges a gradual migration, with close attention to security requirements. “There are some specific cases that still need the existing legacy architecture,” and serverless computing is “restricted by performance requirements, resource limits, and security issues,” Feghali points out. The advantage serverless offers is that it “specializes in lowering the cost of computing. It can be said that, where feasible, one should gradually migrate to a serverless infrastructure to make sure it can handle the application requirements before gradually phasing out the traditional infrastructure.”

Feghali said that, importantly, serverless architecture requires looking at security in a new way. “With new services or solutions, you need to evaluate the security framework to understand which new gaps pose a risk. Then they need to re-evaluate their controls and improve their processes in order to address these new risk models.”

Security protocols and processes differ in a serverless environment. In other words, by using serverless computing, a company expands its attack surface. “The attack surface is much larger because attackers can use every component of the application as a starting point,” Feghali said, including “the application-layer code, dependencies, configurations, and any cloud resources the application normally requires to run. There is no operating system to worry about securing, but there is also no way to install endpoint or network-level detection solutions such as antivirus or [intrusion prevention systems]. This lack of visibility allows attackers to remain undetected as they exploit vulnerable functions for their attacks, whether to steal data or to compromise certificates, keys, and credentials to access the organization.”

In this context, according to a study led by Eric Jonas of the University of California, Berkeley, introducing the better security measures that serverless environments need may add more cost and overhead. “Serverless computing reshuffles responsibility for security, shifting many of those responsibilities from the cloud user to the cloud provider without fundamentally changing them,” their report states. “However, serverless computing must also deal with the risks inherent in application decomposition and multi-tenant resource sharing.”

One method for protecting serverless is “oblivious algorithms,” the University of California, Berkeley team continued. “The trend of decomposing serverless applications into many small functions exacerbates this security risk. Although the major security concern is external attackers, network patterns can be protected from employees through the use of oblivious algorithms. Unfortunately, these often come at a high cost.”

Physical isolation of serverless resources and functions is another approach – but it of course comes with expensive pricing from the cloud provider. Jonas and his team also see possibilities in generating serverless function instances very quickly. “The challenge of providing function-level sandboxing is to keep startup time short without caching execution environments in a way that shares state between repeated function invocations. One possibility is to snapshot instances locally, so that each function can start from a clean state.”
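The trade-off in that quote can be seen in a small model, added here as an illustration and not taken from the Berkeley report or any provider's API. The `ExecutionEnvironment` class, the handler source and the token values are all constructed assumptions; the handler caches data at module scope, which survives when a warm environment is reused and disappears when the environment is restored from a snapshot taken at cold start.

```python
import copy

# Constructed handler: keeps the last caller's token at module scope, a common
# warm-start optimisation that leaks if the environment is reused across callers.
HANDLER_SRC = '''
_cache = {}

def handler(event):
    previous = _cache.get("last_token")   # state left behind by an earlier call
    _cache["last_token"] = event["token"]
    return {"user": event["user"], "saw_previous_token": previous}
'''


class ExecutionEnvironment:
    """Toy function sandbox (hypothetical model, not a real provider interface)."""

    def __init__(self, source):
        self._globals = {}
        exec(source, self._globals)        # cold start: load the function code once
        # Snapshot the mutable module state as it looks right after cold start.
        self._snapshot = {
            name: copy.deepcopy(value)
            for name, value in self._globals.items()
            if not name.startswith("__") and not callable(value)
        }

    def invoke(self, event, restore_snapshot=False):
        if restore_snapshot:
            # Roll module state back to the clean snapshot before running.
            self._globals.update(copy.deepcopy(self._snapshot))
        return self._globals["handler"](event)


def second_caller_view(restore_snapshot):
    """Run two callers through one environment; return what the second one sees."""
    env = ExecutionEnvironment(HANDLER_SRC)
    env.invoke({"user": "tenant-a", "token": "A-SECRET"}, restore_snapshot)
    result = env.invoke({"user": "tenant-b", "token": "B-SECRET"}, restore_snapshot)
    return result["saw_previous_token"]


if __name__ == "__main__":
    print("warm reuse, no restore :", second_caller_view(False))
    print("restore from snapshot  :", second_caller_view(True))
```

Restoring costs a copy of the snapshot on every invocation, which is the startup-time pressure the report describes.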

Feghali's company, Attivo Networks, focuses on the use of “deception,” aimed at providing greater visibility into the various components of the serverless stack, “as a way to know when security controls are not working, to detect attacks that get through them, and to be informed of policy-violating behavior by internal staff, suppliers, or external threats.”

The bottom line is that handing over the keys of the server stack to a third-party cloud provider does not mean outsourcing security. Security remains the responsibility of enterprise customers, as they are the ones who must answer when regulations have been violated.