The need to secure corporate IT environments is common to all functions of organizations, and software application development is one of them.
Development environments have notoriously complex setups and often require significant maintenance because many applications and data are locally present on the device's internal storage; for example, the integrated development environment and the application's source code.
In 2010, the use of the Cloud as a storage medium for corporate data was nascent; hence today, the metrics to determine the cost and impact of the loss of a corporate laptop would likely look very different.
For many of the business functions that were likely to be impacted at that time, Cloud applications have brought today a solution by removing sensitive data from employees' laptops.
Figure 1: In 2024, most business productivity data has already moved to the cloud.
For practical reasons, devices used for development today have a replica of projects' source code, in addition to corporate secrets such as credentials, web tokens, cryptographic keys and perhaps strategic data to train machine learning models or to test algorithms.
Finally, such a setup is general-purpose; i.e., it is not designed in particular for code development and requires the installation of the entire development tool suite.
CDEs are accessed online with an IDE via network connection or using a Cloud IDE. A Cloud IDE allows a developer to access a CDE with the benefit that no environment needs to be installed on the local device.
As a result, in the specific context of application development, the use of CDEs is a lightweight mechanism to remove development data from local devices.
This is where the case to implement secure Cloud Development Environments lies: CDEs with data loss prevention provide a lightweight alternative to the use of VDI or secure development laptops, with the additional benefit of an improved developer experience.
The resulting platform is a secure Cloud Development platform.
Using such a platform, organizations can significantly start to reduce the cost of provisioning secure development environments for their developers.
Figure 5: To become a replacement for VDIs or secure laptops, Cloud Development Environments need to include security measures against data leaks.
As a conclusion to this discussion, below I briefly retrace the different steps to build the case for a secure Cloud-based development platform that combines the efficient infrastructure of CDE with end-to-end data protection against data exfiltration, leading to a secure CDE. Initially, secure developer laptops were used to directly access corporate resources sometimes using a VPN when outside the IT perimeter.
The use of virtual machines and early access to web applications has allowed organizations to remove data from local laptop storage.
Code development on remote virtual machines was and remains strenuous.
Recently, the use of lightweight virtualization based on containers has allowed quicker access to online development environments, but all current vendors in this space do not have data security since the primary use case is productivity.
Figure 6: A representation of the technological evolution of mechanisms used by organizations to provision secure development environments, across the last decade.
Finally, a secure Cloud Development Environment platform illustrates the closest incarnation of the secure development laptop.
Secure CDEs benefit from the experiences of pioneering companies like Citrix, seizing the chance to separate development environments from traditional hardware.
This Cyber News was published on feeds.dzone.com. Publication date: Tue, 12 Mar 2024 15:28:06 +0000