Webinar Transcript:
Online Containers for Enhanced Security
In this discussion, I'll delve into how online containers offer an additional layer of security. My journey into cybersecurity led me to found Strong Network, after my tenure at Snapchat and the acquisition of my previous startup, Strong Codes. Today, we're introducing a platform that stands out in the global market for its unique approach to containerized development environments.
LinkedIn Connection: Feel free to connect with me on LinkedIn for further discussions on this topic. My background spans significant roles in cybersecurity, including Director of Cybersecurity at Snapchat, underscoring my commitment to enhancing data protection in development workflows. This presentation aims to showcase the dual benefits of online containers: reducing development and IT costs while fortifying security measures against emerging cyber threats, ensuring that development teams can work more efficiently and securely.
Transitioning to a DevOps culture, my partner Ozrenko and I, with our backgrounds from Snapchat, understand the complexities involved in shifting from traditional development to modern DevOps practices. Facing outdated tools and processes is a significant challenge for organizations with a history of development. Adopting DevOps necessitates tackling these legacy issues head-on, making processes more efficient and cost-effective. The DevOps handbook emphasizes principles like feedback, essential for updating application development practices. Our journey underscores the importance of evolving past old systems and embracing a DevOps mindset to enhance operational efficiency and reduce costs.
DevOps Agile Transition with Team Velocity
Transitioning to agile methodologies, a stepping stone to DevOps, introduces significant advantages such as enhanced team velocity, reduced development costs, and more frequent releases. This approach, rooted in the Agile Manifesto, aims to streamline the development process. At Snap, we experienced firsthand the intensity of agile practices, targeting new application releases every two weeks. Despite challenges, like occasional failed releases due to build issues, the collective effort of around 2000 developers was essential for managing the app's complexity.
The concept of team velocity is crucial, not just in terms of output but also in evaluating how efficiently a team operates. A key aspect of this efficiency is infrastructure utilization, particularly relevant in cloud-hosted applications where operational costs directly affect the bottom line. Optimizing asset utilization during application deployment is therefore critical, underscoring the importance of efficient release strategies in reducing overall development and operational costs.
Ensuring a high Return on Investment (ROI) for your customers involves deploying solutions efficiently and minimizing operational risks. While the topic of operational risk reduction could fill hours of discussion, a key focus is enhancing the developer experience and fostering collaboration between Development and Operations teams. Risk reduction spans numerous areas, including securing processes to prevent source code theft—a common challenge in the industry. The goal is to balance efficient deployment with comprehensive security measures, ensuring both productivity and protection are prioritized.
Maximizing ROI in Container Development and Deployment
In today's discussion, I'll delve into the return on investment across four critical areas highlighted in "The Total Economic Impact of Red Hat Services and Support for OpenShift" study. This analysis spans the full spectrum of container development and deployment on Red Hat, offering comprehensive insights from the initial development phase to production operations. - Development Efficiency: We'll examine how containers and effective methodologies can streamline the initial stages of developing, documenting, and designing applications, potentially speeding up innovation.
- Testing and Deployment: This familiar phase involves scrutinizing application development testing and deployment cycles to identify areas for improvement.
- Release Cycles: We'll look into optimizing the update and maintenance processes for applications in production, focusing on efficiency.
- Production Impact: Finally, the focus will shift to the tangible effects on production, including infrastructure utilization and reducing the virtual machine footprint, directly influencing the bottom line.
These areas provide a structured framework to understand how different stages of an application's lifecycle contribute to the overall return on investment, with a particular emphasis on leveraging container technology for enhanced efficiency and productivity.
Scaling DevOps Across Organizations of Varied Sizes
The study we're discussing focuses on companies with around 2,000 employees and 100 developers, providing insights into a segment that straddles the line between small-medium enterprises (SMEs) and large corporations. This scale is particularly interesting because, while not as vast as major banks like Bank of America, which boasts 60,000 developers, it still represents a significant operational size beyond the realm of startups.
The mention of such large developer teams in banking institutions underscores the vastness of development operations in the financial sector. This comparison helps to highlight the relevance of the study's findings across different organizational sizes, from the relatively modest to the exceptionally large. It suggests that the efficiencies and methodologies discussed can be applied broadly, offering valuable perspectives for companies at various stages of growth and complexity.
Impacts of DevOps Practices Across Varied Company Sizes
Evaluating the impact and applicability of development practices through studies is crucial, particularly when those studies span a moderate scale of operations, like the one involving companies with around 2,000 employees and 100 developers. This size serves as a versatile benchmark, enabling us to extrapolate findings across a spectrum of company sizes, from smaller entities to larger corporations.
The study in question, which covers a three-year period and involves the development and deployment of 150 apps, including 50 new apps annually, offers significant insights. It reveals not just the quantitative aspects of software development within these companies but also qualitative factors, such as the level of development expertise and the cultural shift towards DevOps practices.
This information is invaluable for organizations at various stages of embracing DevOps, particularly those recognizing gaps in their development capabilities. It highlights the importance of not assuming comprehensive DevOps proficiency across all teams and underscores the potential for learning and improvement, especially in efficiently leveraging major cloud technologies. I recommend delving into this study to glean insights that could be pivotal in enhancing your company's development processes and culture.
The Shift from Local to Online Containers in Development
Diving into the debate of local versus online containers, I found a study particularly enlightening for its focus on the traditional use of local containers, such as Docker, widely adopted for development purposes. In an informal poll, it's clear many still rely on Docker for containerization directly on their laptops, highlighting the prevalent use of local containers in development workflows.
However, the landscape is evolving with the advent of services like GitHub CodeSpaces, which has introduced many to the concept of utilizing containers online. Curiosity around GitHub CodeSpaces reflects a growing interest in exploring how online containers can enhance development practices. Similarly, Google Workstation has emerged as another platform in this space, albeit with less fanfare, possibly due to Google's understated approach to product marketing despite its vast reach in the tech industry. These developments signal a shift towards online containerization, suggesting a potential pivot in how developers approach their work, leveraging the cloud for more streamlined, accessible, and flexible development environments.
Emerging Trends in Cloud-Based Development Containers
Google Workstation and GitHub CodeSpaces introduce distinct approaches to integrating development environments with cloud technology. Google Workstation, akin to an EC2 instance on AWS, offers a virtual Linux machine online, coupled with IDE access, emphasizing a workstation-like experience. On the other hand, GitHub CodeSpaces links directly to a development branch, streamlining the coding process within a familiar GitHub ecosystem.
The discussion then shifts to emerging players like Gitpod (comparison) and Coder (comparison), startups that have recently entered the online container space, alongside Red Hat's Dev Spaces (comparison) service—though the latter's name might not resonate strongly in terms of marketing appeal. This trend towards online containers began gaining traction about five years ago, though it remained under the radar due to modest adoption rates initially. My journey post-Snap involved exploring these innovations, particularly focusing on GitHub CodeSpaces, which became generally available in the latter part of last year. My interest, rooted in cybersecurity, led me to consider how these platforms could incorporate enhanced security measures.
This exploration is part of a broader move to bring development containers online, marrying convenience with security, a transition that is increasingly relevant in today's development landscape.
Improved DevX with Secure Online Container
The primary benefit of online containers is their simplicity and ease of access compared to traditional local Docker usage. For those accustomed to local Docker commands like build and run, transitioning to online containers streamlines the process, offering remote access as if handling a machine via SSH or telnet, reminiscent of earlier computing practices.
This modern approach allows developers to work on containers directly, bypassing the manual steps of building and running local containers. Essentially, these online containers can be seamlessly moved to production, eliminating the cumbersome local setup process. The key, however, lies in effective container management to fully leverage these advantages. While I planned a live demo to illustrate this simplicity, we're all too familiar with the unpredictability of live demonstrations. Nonetheless, the shift towards online containerization represents a significant advancement in development workflows, marrying the convenience of remote access with the robustness of container technology.
Modern Workflows with Cloud-Based Development Containers
In showcasing our platform, I'm giving you a glimpse into how the Strong Network Cloud development environment platform operates. Our development team, spread across Switzerland and Belgrade, utilizes running containers for their work, embodying the essence of Strong Network by developing on the very platform we've created.
Here's a look at my workspace: a container accessible through Visual Studio Code running not on a traditional desktop but within my browser. This setup epitomizes modern development workflows, where I can create and manage files directly in a container hosted on Kubernetes in AWS. Remarkably, this occurs from a Chromebook, highlighting that the work doesn't reside on my local machine but in a cloud-based Linux container.
This approach mirrors the traditional SSH method of remote work but with a contemporary twist, leveraging web applications for a seamless development experience. I can effortlessly transition this work into production, underscoring the efficiency and portability of our development process. For those who prefer the command line, the platform also supports terminal access, allowing for a versatile and familiar coding environment.
Secure Development with Browser-Based Containers
Accessing my container through the browser revolutionizes how we approach development work, akin to the convenience offered by Google Docs. This setup allows for a seamless development environment on any device, eliminating the need for cumbersome installations and setups. Essentially, the focus shifts away from hardware constraints, as all significant processes, including code compilation, are executed in the cloud.
This cloud-based approach contrasts sharply with traditional methods like remote desktops or Citrix VDI for development, which primarily rely on streaming the desktop. Instead, what's offered here is direct execution within the browser, providing a much smoother and integrated experience. The development environment, running Visual Studio Code in this instance, functions identically to its local counterpart because it operates within a mini browser, thanks to being crafted in TypeScript. This means developers can work as efficiently as if the software were installed on their local machines, but with the flexibility of cloud computing. In this demonstration, I'm highlighting the flexibility and ease of creating new workspaces within our platform, particularly useful for quickly onboarding new team members. For this demo, I'll set up a workspace dedicated to data science. Choosing a container is straightforward; I select one that matches our project's needs, ensuring it has sufficient resources.
Once the container is selected, I can easily share it with others, enhancing collaboration. The platform supports various IDEs, including VS Code and PyCharm, allowing for a customized development environment based on the project's requirements. Additionally, I can specify the computing resources, such as the number of CPUs, tailoring the workspace to the task at hand.
For this specific workspace, I'll integrate a project involving a Jupyter notebook, enabling data science activities. While not delving deeply into security specifics here, I'll activate monitoring features to safeguard sensitive data, such as personal health information, underscoring the platform's capability to balance open collaboration with stringent data protection.
Secure and Collaborative Online Development Platform
In aiming to safeguard my workspace against data exfiltration, I'm setting up enhanced security measures. The workspace, ready in mere seconds, illustrates the seamless management of online containers through our user interface. As a project owner, I have a comprehensive view of all the team's workspaces, including those shared with me, fostering a collaborative environment akin to sharing a Google Doc. For example, I can easily access a workspace shared by my colleague, Bjorn, enabling us to engage in peer coding—a practice that enhances code quality and team synergy. While this collaborative approach is valuable, it's best utilized judiciously to avoid clutter and maintain focus.
This level of interaction and visibility, supported by our platform, exemplifies how online container management not only simplifies project deployment but also bolsters team collaboration and security, embodying the principles of modern development environments. Now, let's revisit the study's findings to understand the broader impact of these practices. Integrating Data Protection in Online Container Platforms
Understanding the landscape of online containers reveals a variety of solutions, including GitHub CodeSpaces, Google Workstation, Gitpod and StackBlitz. Each platform offers unique features tailored to developers' needs. Our platform, however, distinguishes itself by integrating comprehensive enterprise data protection into the mix.
Just like traditional VDI solutions such as Citrix VDI, VMware Horizon and DevBox provide data loss prevention, our platform accomplishes this within the realm of containers. This focus on security is what sets us apart and why we're chosen by sectors with stringent data protection requirements, like banking and insurance. Our approach ensures the same level of data security and compliance offered by conventional IT solutions but leverages the flexibility and efficiency of containers. Boosting Development Efficiency with Local Container
The standout finding is that local container usage can slash the time needed for planning, documenting, and designing by over 80%. This impressive reduction is particularly evident when considering the capacity for annual application development. For many organizations, producing 50 new applications yearly might seem ambitious, yet this is standard for sectors like banking.
The key insight here is not just the sheer volume of applications but the efficiency gained through containerization. Containers simplify many aspects of development, notably reducing the complexities around planning, documentation, and managing dependencies. Achieving this level of efficiency, however, requires effective container management within your platform.
An efficient container management system enables quick access to containers, allowing for the straightforward creation of new workspaces. As demonstrated, setting up a new container for data science—or any other project—can be accomplished in seconds, showcasing the practical benefits of containerization in accelerating development workflows and increasing productivity.
Developer Workflows with Automated Online Containers
This illustrates the transformative power of online containers, particularly in handling authenticated projects. A key benefit is the automated cloning and key management, significantly simplifying the developer's workflow by removing the need to manually manage security credentials.
Moreover, the workspace is pre-configured for specific tasks, such as data science in this example, with all necessary libraries already installed. This setup not only streamlines the initial setup but also supports running applications directly from the online environment, addressing common concerns about executing applications hosted online.
I demonstrated running a data science application within this configured workspace. The app, made public through an extension we developed for VS Code, automatically appears in the UI, accessible for collaboration. Sharing the app is as simple as distributing a URL, allowing anyone to view the application in their browser, showcasing real-time collaboration facilitated by our platform's capabilities.
Accelerating DevOps with Online Containers
The second key finding from our study highlights the potential to accelerate application development and testing processes significantly, with a notable cost reduction of over 60%. This efficiency gain is primarily achieved through the utilization of online containers, which I demonstrated earlier using VS Code in a cloud IDE environment. This approach not only simplifies the development process but also introduces flexibility in how developers interact with their workspaces, including options for SSH access through extensions like VS Code Remote Dev or JetBrain Gateway.
This flexibility means developers aren't confined to using the cloud IDE; they can also connect via a local IDE if preferred. Beyond ease of access, our platform simplifies credential management, eliminating the hassle developers often face with authentication for Git and other resources. Direct integration with GitHub via a secure browser on our platform further streamlines workflow, ensuring secure and efficient access to necessary development tools.
Moreover, the third significant outcome is the acceleration of release cycles and a 50% reduction in application update and maintenance costs. This aspect is crucial, as application maintenance and upgrades, often not handled by the original development team, can become a bottleneck in many organizations. Our approach aims to address these challenges, making the development, testing, and maintenance phases more efficient and cost-effective. Securing Outsourced Development with DLP Solutions
Often, application maintenance is outsourced to regions with lower labor costs for efficiency gains. Yet, this practice introduces security concerns, particularly when it involves external teams handling sensitive data and source code. This is where Strong Network steps in, offering robust security solutions to safeguard these outsourcing relationships.
Historically, companies relied on VDI, Citrix, remote desktops, or tools like TeamViewer for outsourcing maintenance, which could be cumbersome and not entirely secure. Coding via TeamViewer, for example, is less than ideal, and these tools may not fully prevent data breaches, as clipboards and sensitive information can still be compromised.
Strong Network addresses these security gaps by emphasizing Data Loss Prevention (DLP). This approach is critical for companies outsourcing to remote teams, ensuring data integrity and protection against unauthorized access. Despite the size of the company, the risk of being hacked remains if adequate security measures, like those provided by Strong Network, are not implemented. This highlights the importance of DLP in maintaining secure and efficient outsourced development and maintenance workflows. Mitigating Security Risks in Development with Containerization
For those keen on understanding security challenges in modern development environments, I've penned an article detailing recent security breaches at major tech firms like Slack, Okta, and CircleCI. These incidents, resulting from compromised developer laptops, underscore the vulnerability of critical source code through seemingly simple phishing attacks.
This situation highlights a significant risk: when developer credentials are scattered across laptops without adequate protection, the company's source code could inadvertently become accessible to all, posing a severe issue for organizations like Okta or password management services.
Another critical aspect I touched upon is infrastructure utilization efficiency. This factor directly impacts the bottom line—how much it costs to run applications. Leveraging containers offers a more efficient deployment method compared to traditional VMs, especially when integrating serverless computing or microservices, which can significantly enhance asset utilization and reduce operational costs for both providers and their customers.
As we delve deeper into these topics, I'm eager to engage in discussions and demonstrate through a demo how adopting secure and efficient containerization practices can mitigate these risks and optimize infrastructure utilization.
Reducing the Cost of Providing Secure Developer Laptops
In an article I authored, I delve into the evolving landscape of development work, particularly the virtualization of the developer's laptop through online containers. This transformation underscores a significant shift: the hardware you use becomes irrelevant, offering unparalleled flexibility across devices. Whether at the office or home, accessing your development environment is seamless, with no need for reinstallations across various machines—be it a Chromebook, Windows PC, or Mac. This portability is a cornerstone of the value proposition at Strong Network, where we extend this convenience to security. Our aim is for security measures to accompany the developer, ensuring that no sensitive information that could jeopardize company integrity remains on the laptop. This approach mitigates risk irrespective of the device used.
The article further explores the historical context of data migration to the cloud, notably customer and CRM data, which, before platforms like Salesforce, posed significant risks when stored locally on laptops. This transition marks a pivotal moment in safeguarding data against loss or theft, reducing potential legal and regulatory repercussions for companies. Through embracing online containers, we not only champion development efficiency and flexibility but also prioritize the foundational aspect of security in the modern digital workspace.
Advancing Cloud-Based Development with Observability
The evolution of data management has now reached a pivotal stage where the last remnants of data traditionally stored on developers' laptops—source code, data, and credentials for accessing online applications—are transitioning to the cloud. This shift underpins the emergence of platforms like Google Workstations, GitHub Code Spaces, and our application, highlighting a significant trend towards cloud-based development environments.
A particularly exciting aspect of moving containers online is the enhanced visibility it offers into the development process. During a recent discussion on observability, the concept of "insights" was introduced, showcasing how online containers can transform data analysis and reporting within development teams. Our platform features a command-line interface (CLI) that enables precise measurements across all workspaces, offering real-time insights such as the average build time for developers. This data is automatically collected, analyzed, and displayed, providing project managers with invaluable information on team performance and efficiency trends that would be challenging to gather without the cloud infrastructure.
This stage in data evolution not only marks a leap towards more secure and efficient development practices but also opens up new possibilities for monitoring and improving the development lifecycle through cloud-based solutions.
DevOps Efficiency with Cost-Effective Online Containers
Adopting online containers significantly enhances observability within development processes, allowing for comprehensive monitoring of everything from processes to resource allocation. This capability provides detailed insights into the utilization of Kubernetes clusters, facilitating effective cost management.
Our analysis, through Total Cost of Ownership (TCO) studies, reveals that leveraging online containers for team management is notably cost-effective—potentially halving the expenses compared to traditional laptop setups. Even with high-end $1,000 Chromebooks, the savings are substantial when compared to the costs associated with standard developer laptops like Macs.
Moreover, the cloud access provided through online containers offers unparalleled computational power on-demand, allowing developers to temporarily utilize high-capacity resources at minimal incremental costs. This approach not only yields financial benefits but also promotes sustainability by reducing hardware consumption.
As we conclude this discussion, I invite you to join our upcoming webinars, including one on June 1st focused on DevSecOps automation and governance. These sessions will delve deeper into how online containers can streamline DevSecOps practices through automation, enhancing efficiency and compliance.
For more information or to register for a webinar, please scan the provided code. Feel free to reach out with any questions or for further discussion on the transformative impact of online containers in the development landscape.
All material in this text can be shared and cited with appropriate credits. For more information about our platform, please contact us at hello@strong.network