3 ways modern applications can boost your security
- Posted on April 25, 2019
- Estimated reading time 3 minutes
To the roster of benefits that companies like yours can achieve today with modern apps—real-time insights that grow revenues, engaging experiences that increase customer loyalty and new efficiencies that reduce costs—you can add one more that you might not expect: Modern apps can make you more secure.
Nearly half the global executives we surveyed for the latest Avanade Hot Topics Survey told us they thought cybersecurity threats were outpacing their ability to keep their companies safe. No wonder, when those threats are coming at them—and you—from more directions than ever before: attacks on your web apps, attacks by botnets, vulnerabilities exposed in open source software. Today, 80% of the app code you use probably comes from open source; how can you track all the vulnerabilities in that software, let alone protect against them? The greater security possible with modern apps isn’t a silver bullet, but it may be the closest thing to one that you’ll find.
The most obvious benefit of the greater security that comes with modern apps is fewer hacks of your network and loss of data—but that’s not the only benefit. You can also reduce the brand and reputational risk that could cost your company tens of millions of dollars beyond any costs of remediation. If you’ve been thinking about app modernization but haven’t yet taken the plunge, your business case just got considerably more persuasive.
So how can modern apps increase your cybersecurity? Here are the top three ways we see in working with our clients:
#1: Microservices architecture. Legacy applications are susceptible to cyberattacks in part because of their traditional, monolithic architectures. They present single points of failure that, when breached, can bring down an entire application. But modern apps aren’t built as monoliths. They use collections of microservices, small modules that are interoperable but independent. The modules make it faster and easier to upgrade any microservice or combination of microservices as new functionality becomes available—including security functionality. The microservices architecture also means that a vulnerability in one microservice is far less likely to impact the others, making modern apps more secure by default.
#2: Public cloud. Not all that long ago, some companies were reluctant to move to the public cloud because of concerns over security. Times have changed. Now, the public cloud can support your modern apps with secure services for access, authentication, and protection that can make them more secure than apps in your on-premises environment. It’s not that the cloud is inevitably more secure, but that public cloud providers, such as Microsoft with Azure, invest in technologies you could never afford to implement on your own. Modern apps—unlike legacy apps lifted-and-shifted to the cloud—are inherently capable of integrating and interoperating with these security technologies. Adopting them will reduce your exposure.
#3: Secure DevOps. You can also make modern apps more secure than traditional apps by building security into the process that builds the apps. With Secure DevOps, you move up security testing early enough in the process to identify issues sooner and solve them faster and more cost effectively, while maintaining on-time delivery of your apps.
Where to begin? You can’t get where you want to go if you don’t know where you’re starting from. A good place to start is with a modern engineering maturity assessment to assess the overall state of your app development environment, including security. If you’re already in the cloud or planning to go there, a cloud security maturity assessment should also be on your to-do list.