Deploy Global Processes for Code Development and Data Science That Improve Productivity, Collaboration and Enforce Continuous Data SecurityGet Started
At Strong Network, we have created a multi-cloud platform that we call secure Cloud Development Environment (CDE). Companies use it to securely unify access to their global coding and data science processes through a simple web browser. The secure CDE platform is an integral part of their DevSecOps process and doesn't require any integration with their existing CI/CD pipelines. Process security is focused around data, source code and other critical resources, i.e. the company’s most important IP assets, and the platform automates the principles of a Zero-Trust Architecture.
The platform, based on Kubernetes, is a web application where users login to a workspace user interface (see part of the home landing page below) that provides access to Cloud-based Integrated Development Environments (IDE). In addition, developers have access to plenty of informative and collaborative dashboards providing real-time and useful process information. Importantly, coders and Data Scientists on the platform do not have to change their work habits. As a bonus, IDEs started from the platform actually run faster than their locally-installed siblings. Any of the following IDE can be deployed:
Microsoft visual studio code
All jetbrains IDEs
VIM, VI, CONSOLE, ETC.
Screenshot: The workspace user interface giving access to project-based workspaces (right hand-side) and real-time collaboation features.
The platform can be installed on-premise or in the company's private cloud. We also propose a SaaS version for companies that don't want to deal with platform management or do not need any customization, such as integration to legacy tools, custom security policies or audit trail for compliance. The platform is based on Docker container technology which allows the deployments of standardized and templated user environments that can be updated en masse when necessary. This allows for significant reduction in IT infrastructure cost management.
With the platform, companies can now easily on-board team members wherever they are and provide them instantly with fully installed workspaces such that they become productive immediately. Process security is fully implemented by the platform and does not require any local installation. Hence on-boarded users can work with their own device (BYOD) without threatening the security of the process, i.e. there is no need for endpoint security. Once on-boarded, any user benefits from dashboards with real-time metrics. This allows companies to get full visibility of their global operations (Screenshots below.) .
Screenshot: Real-time project metrics with automated activity summary (Insights dashboard)
Screenshot: Project management for global teams with real-time member status (People dashboard)
The ability for companies to deploy a process accessible from any location that safeguards data, source code and other critical assets (even if users are using their own devices) provides them a great replacement for legacy technology such as a Virtual Desktop Infrastructure (VDI) provided by Citrix and VMWare (Horizon product). When used for code development, VDI's notoriously suffer from usability issues in addition from a complex and expensive set up. Usability and developer's productivity is hindered by the lagging displays of remote desktops. VDI's complexity is multifaceted, often requires significant IT support which results in high indirect costs.
In contrast, Cloud IDE's accessed from workspaces are executing natively in the browser and are as swift as their locally-installed siblings. Importantly, companies data stays within the boundaries of their Cloud provider's location (or the on-premise server) and never reaches the user's device. In other words, users have no local copies of the data. This is great for companies needing to comply with regulations about data location. In addition, the platform implements Zero-Trust Architecture principles such that data access is under granular and dynamic control across the entire process.
Perhaps the biggest advantage of a secure CDE over a VDI is that it includes all the collaborative and security features that are necessary to fully guarranty high productivity, usability and security for a global development process. By contrast, VDIs or Desktop as a service (DaaS) provide general purpose desktops. Therefore, most security features have to be implemented separately and at additional cost (see DIY notes in the table below). Our secure CDE is therefore more economical and delivers a full process implementation from the onset. It requires much lighter maintenance, and provides greater overall return on investment. The table below compares important features between both types of solutions.
Lastly, companies using secure CDE are in control of the entire development process from a monitoring perspective because of the all-encompassing process implementation. This allows them to perform continuous auditing without any additional setting. They access a single source of truth, i.e. comprehensive logs based on events collected across the entire process (see screenshot below).
|Feature||Secure Cloud Development Environment||Virtual Desktop Infrastructure|
|Scope of Use||Coding and data science IDE||General-Purpose OS or Applications|
|Collaboration Features for Developers||Included||Application dependent|
|Strong Authentication (incl. 2FA)||Included||Included (Citrix and VMWare Horizon)|
|Continuous Process Auditing||Included, process-wide||Included, user terminal only|
|Attribute-Based Access Control||Included||DIY|
|Micro-Segmentation||included (and fully automated!)||DIY|
|Data Loss Prevention: Clipboard Monitoring||Included||Included (Citrix and VWWare Horizon)|
|Data Loss Prevention: Network Monitoring||Included||DIY|
|Dynamic Security Policies||Included||DIY|
|Full Zero-Trust Architecture||Included||DIY|
Besides being a great platform for collaboration and productive operations, our secure CDE implements the design principles of a Zero-Trust architecture, based on the definition of the NIST Special Publication 800-207. The Zero-Trust approach is a shift in security that focuses on protecting data resources through the application of well-known security design principles. Important principles such as Least-Privilege Access and Network Segmentations are leveraged and built upon with novel concepts such as:
The goal is to obtain dynamically and continuously assessed security policies that enforce business rules across the entire process.
In addition, the process is equipped with security functions such as strong authentication with 2FA, data encryption and Data Loss Prevention such that the company's data is protected whoever has access to it. Finally, the process is continuously monitored and includes the generation of live events. This allows Compliance Managers to economically and easily abide to regulations such as ISO 27001 in the scope of a coding and Data Science development process. Descriptions of the secure CDE platform's security features are available by choosing any of these buttons below.
Screenshot: Live stream of process events that enables continuous auditing for regulatory compliance, e.g. ISO 27001 (Audit Dashboard)
A secure CDE-based process do not only provide trusted access control, great collaborative features and advanced yet non-obstructive security, it also lets users connect to the tools, repositories, documents and artifacts needed for the development process. Event though a secure CDE does not provide a full desktop as VDI or DaaS, it nevertheless lets users access all the tools and information that they need to do their job.
HTTPS, SSH services
Amazon Web Services
For example, access to repositories such as GitHub, GitLab and others is fully automated, including key management. Repositories can be imported and classified such that security policies can be dynamically assessed when users access them. Secrets are managed by the platform and made accessible to any workspace by project owners. With our Enterprise solution offer, we integrate for you that any missing tools. This enables cross-tools artifact traceability to all IP assets created throughout the development process.
Access to (large) data sets is supported by attaching data buckets to workspaces. These buckets are imported from Cloud providers such as Google's GCP, Amazon's AWS, and Microsoft's Azure. Applications for experiment management and data pipelines such as MLFlow, Kubeflow are also easily attached to workspaces such that Data Scientists can interact with them in their code or through the UI. Our secure CDE platform even integrates with Slack such that worldwide collaborators can exchange ideas and embed them to their work process. .
Secure Code Development Outsourcing
Expand your code development capability by onboarding any talent from any location while protecting your source code and data using our Zero-Trust Architecture with Data Loss Prevention.
We created a Virtual Workspace Infrastructure (VWI) to deploy Cloud IDEs with plenty of collaborative features, data security and automation.
Data-Secure IDEs for Data
Improve the data security of your Data Science process by using our platform to deploy Data Science Workspaces as full IDEs in your company or anywhere.
Share your data securely during innovation tournaments on Kaggle. Connect to cloud pipelines and experiment management applications such as MLFlow, Kubeflow, etc.
Connect your workspaces securely to code repositories, data buckets from all major cloud providers.
Zero-Trust, DLP-Enabled Cloud Coding
You can operate your company like we do, we develop our platform using our platform. Our enterprise-grade cloud IDE platform allows you to put your entire DevOps process, including all coding activities in the Cloud.
Our platform enforces zero-trust architecture principles in addition to providing data loss prevention. This will provide you with a leap improvement in your DevOps security and master DevSecOps automation.