CS 783 Waldorf University Tradeoff BW Centralized and Embedded Security Questions
- June 22, 2022/ Uncategorized
Our course covers a number of important IT governance topics in the context of Enterprise Architecture, including security. One of the statements I make during the security lecture is: “Security should be baked into the cake, not bolted on as an afterthought.” My husband, an ex-English teacher and an avowed Luddite BTW, corrected me, stating that I was mixing my metaphors – i.e., I should have said “Security should be baked into the cake, not treated as icing on the cake.” While he is correct (he almost always is!), my phraseology is harsher, perhaps better denoting the negative downstream consequences of treating cybersecurity as an afterthought. The “bolt on” approach is an excellent example of being reactive instead of proactive; the proactive approach, by contrast, is an essential part of pursuing Enterprise Architecture as Strategy, the title of our course textbook and, of course, a major theme of our course.
Moreover, there is no better illustration of this principle than the internet, right? The internet grew organically from its original mission to enable researchers to collaborate more easily. It is a classic illustration of “enabling technology” – in the 1970s and 1980s, no one envisioned internet shopping, let alone Alexa! And security was definitely an afterthought.
One of the toughest challenges with Enterprise Architecture is to craft an architecture that can gracefully scale and adapt to change, while effectively utilizing governance processes and policies to ensure that your design principles are followed over time. For example, consider an architecture you carefully design using the event-driven model (see Software Architecture Patterns by Mark Richards) that disintegrates into spaghetti code after two years of maintenance by your IT staff because they didn’t understand your first principles!
This assignment will give you an opportunity to think about how the principles we have discussed could be leveraged to improve cybersecurity. Either choose Johnson & Johnson or the company that is the subject of your Term Project as the architecture to use in order to design your security approach.
As a general guideline, you should cover at least a single sign-on scenario and a workflow we know well, such as the Order Fulfillment workflow from Assignment 3. You need to be specific about the exact technologies you propose to use for your solutions, e.g., JWTs, OAuth 2.0, etc. The four areas to address are:
- Legacy applications
- Greenfield applications using microservices
- Testing, testing…
- Policies, IT engagement model
Let’s say your EA has a profusion of legacy applications that have uneven/heterogeneous approaches to handling security. This hodgepodge has led to several data breaches over the past 3 years. Suggest some solutions where the legacy applications can remain in place, but the risk of data breach is greatly reduced. Be specific – use a workflow (or at least a partial workflow) from your Term Project or the Order Fulfillment workflow, and compare/contrast the situation before and after your security improvements are put in place. Your treatment does not have to be exhaustive, but the examples you use should be detailed and specific, not hand-waving.
Let’s say that your business in question 1 has decided to blow up and replace the old legacy applications with a microservices-based architecture. How would you approach a greenfield with microservices and bake security into the cake? Hint: Each microservice, or set of orchestrated microservices, will need to have security incorporated somehow. How could that be done? What would the downstream consequences be of your approach in terms of (1) system performance, (2) amount of code to maintain, and (3) system complexity?
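To make question 2 concrete (and to show the kind of JWT/OAuth specificity the guidelines above ask for), here is an added example. It is not code from this course, its textbook, or any company named here. It sketches “baked in” security for a greenfield Order Fulfillment workflow: one shared token guard that every microservice applies through a decorator, so the verification rules (pinned algorithm, constant-time signature check, issuer, audience, expiry, scope) live in one module instead of being re-implemented in each service. It assumes a hypothetical SSO / OAuth 2.0 authorization server issuing HS256 JWTs; the issuer URL, shared key, audiences, scope names and the two service handlers are made up for illustration, and the two “forge_” helpers build constructed attack inputs to show what the guard rejects.

```python
"""Added example for this assignment (not code from the course, the textbook, or any
real company): a shared JWT guard that every Order Fulfillment microservice applies
before doing work. Assumptions: one hypothetical SSO / OAuth 2.0 server issues HS256
access tokens; ISSUER, SHARED_KEY, audiences and scope names are invented."""
import base64
import binascii
import hashlib
import hmac
import json
import time

ISSUER = "https://sso.example.internal"   # assumed issuer URL
SHARED_KEY = b"demo-only-shared-secret"    # assumed; real deployments use per-service keys or RS256/ES256 public keys
LEEWAY_SECONDS = 30                        # tolerated clock skew between services


class TokenError(Exception):
    """Raised for any reason a token must be rejected."""


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(subject, scopes, audience, ttl=300, now=None, key=SHARED_KEY) -> str:
    """What the (assumed) SSO server does: sign a compact JWS with HS256."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"iss": ISSUER, "sub": subject, "aud": audience,
              "scope": " ".join(scopes), "iat": now, "exp": now + ttl}
    signing_input = ".".join(_b64url_encode(json.dumps(p, separators=(",", ":")).encode())
                             for p in (header, claims))
    signature = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url_encode(signature)


def verify_token(token, audience, required_scope, now=None, key=SHARED_KEY) -> dict:
    """The checks every service performs identically, in this order: algorithm pinned
    (rejects alg=none and downgrade tricks), constant-time signature compare, then
    issuer, audience, expiry and scope. Claims are parsed only after the signature holds."""
    try:
        header_b64, claims_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        presented = _b64url_decode(sig_b64)
    except (ValueError, binascii.Error):
        raise TokenError("malformed token")
    if header.get("alg") != "HS256":
        raise TokenError("unexpected alg")
    expected = hmac.new(key, f"{header_b64}.{claims_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, presented):
        raise TokenError("bad signature")
    claims = json.loads(_b64url_decode(claims_b64))
    now = int(time.time()) if now is None else now
    if claims.get("iss") != ISSUER:
        raise TokenError("bad issuer")
    if claims.get("aud") != audience:
        raise TokenError("bad audience")
    if now > claims.get("exp", 0) + LEEWAY_SECONDS:
        raise TokenError("expired")
    if required_scope not in claims.get("scope", "").split():
        raise TokenError("missing scope")
    return claims


def require_scope(audience, scope):
    """Decorator: the single place a service wires in the guard."""
    def decorate(handler):
        def guarded(token, *args, now=None, **kwargs):
            claims = verify_token(token, audience, scope, now=now)
            return handler(claims, *args, **kwargs)
        return guarded
    return decorate


def call_guarded(handler, token, *args, now=None):
    """Report the outcome as middleware would: (200, body) or (401, reason)."""
    try:
        return 200, handler(token, *args, now=now)
    except TokenError as exc:
        return 401, str(exc)


# Two Order Fulfillment steps, each its own microservice with its own audience (assumed names).
@require_scope("orders-svc", "orders:write")
def create_order(claims, sku, qty):
    return {"order_id": 1001, "sku": sku, "qty": qty, "placed_by": claims["sub"]}


@require_scope("shipping-svc", "shipping:dispatch")
def dispatch_shipment(claims, order_id):
    return {"order_id": order_id, "status": "dispatched", "by": claims["sub"]}


def forge_alg_none(token) -> str:
    """Constructed attack input: drop the signature and claim alg=none."""
    _, claims_b64, _ = token.split(".")
    return _b64url_encode(b'{"alg":"none","typ":"JWT"}') + "." + claims_b64 + "."


def forge_scope_escalation(token) -> str:
    """Constructed attack input: add a scope to the claims but keep the original signature."""
    header_b64, claims_b64, sig_b64 = token.split(".")
    claims = json.loads(_b64url_decode(claims_b64))
    claims["scope"] += " shipping:dispatch"
    return ".".join([header_b64, _b64url_encode(json.dumps(claims, separators=(",", ":")).encode()), sig_b64])


if __name__ == "__main__":
    t0 = 1_700_000_000
    token = issue_token("alice", ["orders:write"], "orders-svc", now=t0)
    print(call_guarded(create_order, token, "SKU-42", 2, now=t0 + 60))
    print(call_guarded(dispatch_shipment, token, 1001, now=t0 + 60))   # wrong audience
    print(call_guarded(create_order, forge_alg_none(token), "SKU-42", 2, now=t0 + 60))
```

Mapping this onto the three downstream consequences the question asks about: performance cost is one HMAC and one JSON parse per request (asymmetric RS256/ES256 verification costs more CPU but removes the need to distribute a shared secret); code to maintain is one guard module rather than per-service copies; the complexity moves to the platform, namely key distribution and rotation, clock skew, and keeping audience and scope names consistent across services. One caveat worth stating in your answer: with a single shared HMAC key, any service holding it could mint tokens for any other, so a real design would have services verify against the issuer’s public key instead.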
How would you create a testing environment that would give good test coverage over the solution you propose in question 1 (i.e., after your security improvements) and what you have created for question 2? Give examples, explain and justify your recommendations.
There is a trend over the past few years to centralize security oversight in large corporations, leading to a fairly recent C-suite role of the CISO (Chief Information Security Officer, pronounced “see-so”). The CISO role is a separate role from CIO or CTO. Very recently, some large tech corporations, notably Facebook, have decided that the centralized approach isn’t working for them, and they have decided to pursue so-called “embedded” security, where the responsibility for security is pushed down into the development teams, and the CISO has left the company.
- Describe the trade-off between centralized and embedded security, listing the pros and cons of each approach.
- Say your company has adopted the embedded approach. As CIO, write a few paragraphs on the security policy you want the teams to follow in order to assure consistency and security in the enterprise architecture.