Ship on day one
How DevOps Can Get You 90% of the Way to Better Security
Alex Gounares, CEO of Polyverse, explains how easy it can be to secure your systems while still using CI and CD.
Developing software with a virtual machine, deploying it into a virtual host—these are the kinds of things that can give information security engineers nightmares. And those fears are understandable, but they’re actually unfounded.
In this week’s episode of the Ship It Show, Polyverse CEO Alex Gounares explains how the move to DevOps can actually give you a chance to dramatically improve your cyber security. And that begins with moving to something called polymorphic Linux. What is it? It’s a secure version of Linux available from Polyverse that’s hardened against zero-day cyber attacks and addresses something Gounares calls “panic patching.”
Typically when a patch comes out you’re faced with two options: Patch immediately and run the risk of an outage, or don’t patch immediately and run the risk of getting hacked. Polymorphic Linux solves that problem by giving you a unique version of Linux every time you install or run an update. “So nobody has seen it before,” Gounares says. “And if hackers don’t know your software, it’s very, very hard for them to attack it.”
Polymorphic Linux can address about two-thirds of the vulnerabilities you’ll encounter, but from there you’ll need to take a couple of other steps:
• Multi-factor authentication for users. This keeps a compromised password from being a single point of failure.
• Data encryption. Seems obvious, but it bears repeating.
At the end of the day, though, the key is to think hard about whether to invest in expensive firewalls and antivirus protections. “If you look at the industry as a whole, that stuff doesn’t really work,” Gounares says. “We still had the Equifax hack. We still had the Yahoo hack.”