Secure Microservices Infrastructure Architecture by Design

0 Comments

Many software development teams have jumped on the Microservices bandwagon to bring their applications to life and respond to the growing demand of their end users.

Today's consumers use variety of software services and mobile apps to go about their daily lives. There is a stark contrast between the applications they use in their personal lives (Uber, Eventbrite, Instragram, Twitter etc.,) and the applications they use for their work (Email, Messaging, Scheduling and other Intranet sites).

Many software vendors have recognized this divide in the user experience and have started implementing similar strategies and UX patterns as their consumer alternatives to serve much improved user experience for their enterprise clientele.

As a result, many software development shops have invested heavily in upgrading their applications and using many of the modern software architectures and development patterns.

Secure By Design

Event Driven Microservices and Serverless Architectures has seen a huge rise in adoption over the past few years and there has been a proliferation of tools from vendors to help companies succeed in their initiatives to modernize their infrastructure and develop secure apps and services.

Yet, not a day goes by without hearing about yet another data breach or exposure compromising their users private data. As companies are adopting cloud-native architectures, its imperative to implement 'Secure by Design' architecture patterns.

Your security is only as strong as your weakest link. By focusing on security early on and making it a first class citizen, companies can protect their assets and data in a much more manageable way as opposed to implementing security as an after-thought.

At Tech Fabric, we've helped and continue to help many Enterprises with their Digital Transformation Initiatives and help them launch SaaS/Web/Mobile platforms that automates their business functions and providing delightful user experiences to their end users.  

Secure Infrastructure

Over the past few years we've built many applications using modern cloud-native and micro-services architectures and have developed many techniques and patterns that can be used to build secure, robust and scalable applications.

In cloud-native applications, developers have the power to provision new artifacts at the click of a button. While ease of provisioning new infrastructure is a great during development phase, if those resources are not secured well in production, it can create security loopholes and create huge liabilities for companies if their consumer data gets exposed.

At Tech Fabric, we've created automated scripts and processes to provision secure infrastructure (Infrastructure as Code)  between various environments. Each environment is divided into many tiers (DMZ, Front End, Back End, Middle Tier etc., ) and there are firewalls, gateways and network security groups between tiers that give access to users based on the principle of least privilege.

By leveraging 'Infrastructure as Code' patterns using tools like Pulumi, Terraform, ARM scripts, we're automating creating infrastructure artifacts between Development, QA, UAT and Prod environments. That way Developers, Quality Analysts, Product Owners and other stakeholders are exposed to the secure infrastructure across all phases of software development and there's very little (if any) variance between production and lower environments.

By having a granular control of each tier in your infrastructure and controlling access to various artifacts based on absolute business need, you're protecting your assets and leaving very little room for vulnerabilities.

Secure infrastructure is just one aspect of securing your software applications. In the later blog posts, I'll talk about how to build secure cloud-native applications by taking advantage of secure infrastructure and how the above architecture compliments your software in securing your overall technology assets.

Cheers!

Preetham Reddy

Cloud Architect with focus on Microsoft Stack. C#, Azure, .NET Core, CosmosDB, AI, Machine Learning

Comments

<--! Footer JS --> <--! Footer stylesheets --> <--! Supported Languages -->