John Morello
Morello is the Chief Technology Officer at Twistlock, leading the company’s work with strategic customers and partners, and driving its product roadmap. Previously, he was the CISO of Albemarle, a Fortune 500 global chemical company. He spent 14 years at Microsoft, in both Microsoft Consulting Services and product teams. He ran feature teams that shipped security technologies in windows, Azure, and Office 365 and served as the Lead Architect of the hybrid cloud consulting team for the Americas. He lives in Louisiana with his wife and two young sons. A passionate fisherman and scuba diver, he also serves as Chairman of the Coalition to Restore Coastal Louisiana.
In some respects, serverless microservices are inherently more secure than other types of production software. That is true chiefly because a serverless environment removes a number of components that you need to maintain in traditional software environments. There is no operating system (well, there is, but it runs in the background and is strictly isolated from your functions), there is no network interface for you to worry about and so on.
All of this means that there are fewer potential attack vectors for the bad guys to exploit, and for you to have to secure.
At the same time, however, serverless computing creates new security challenges that you wouldn’t face with more traditional cloud-based deployments, like virtual servers. They include:
Visibility challenges : Monitoring your serverless functions is more difficult in some respects. Traditional monitoring tools often aren’t designed to support serverless microservices, and your ability to collect log data from serverless events is limited; Denial-of-Service attacks : These aren’t unique to serverless, but the outcome can be. If an attacker can find a way to execute a vast number of serverless events , they could not only disrupt legitimate services but also tack a very hefty fee onto your cloud-computing bill; Dependency on external resources : Many serverless workloads are designed in such a way that they rely heavily on external resources, such as databases or third-party libraries, in order to achieve their tasks. These dependencies create additional potential security risks, especially if you don’t understand them well; Access control : Related to the previous point, striking the right balance for access control can be tricky for serverless functions. You need your functions to be able to access the external resources they rely on. At the same time, however, you need to avoid giving them access that they shouldn’t have. Granting the right level of access requires careful review of your functions’ needs and should be as minimal as possible. For example, if your function doesn’t need to talk to your database, make sure it’s on a separate virtual network. Best Practices for Maximizing Serverless SecurityFortunately, all of the serverless security challenges listed above can be addressed. When you adjust your security strategy to accommodate serverless microservices, keep the following best practices in mind.
Write (Especially) Secure CodeObviously, we all know that we should always strive to write secure code. And what “secure code” means can vary quite a bit depending on context and perspective. Being told to write secure code thus may seem silly to any IT professional.
Sponsor Note
Trusted by 25 percent of the Fortune 100, Twistlock is the most complete, automated and scalable cloud native cybersecurity platform. Purpose built for containers, serverless, and other leading technologies ― Twistlock gives developers the speed they want, and CISOs the control they need.
When it comes to serverless, however, there are specific things that everyone should be doing to write secure code. One is ensuring that anything that your functions import is secure. Don’t rely on third-party libraries or functions if you can’t trust them. Another is breaking your sets of functions down as much as possible. Have each function do a specific thing, and nothing more. Use vulnerability management tools early in the development lifecycle to identify and fix problems before they ever make it to production.
Monitor!Monitoring has value that every IT professional recognizes. Here again, though, there are some special points to make about monitoring serverless functions.
It can be easy to overlook serverless environments within your monitoring workflows because they are not always running, and the data available for you to collect from them is limited. That does not mean, however, that you get a pass on monitoring when it comes to serverless. You can and should take advantage of tools (both those provided by your cloud vendor, as well as third-party solutions) that enable performance and security monitoring for serverless.
Minimize Access Privileges by DefaultFrom a security perspective, it’s safest to keep access privileges within your serverless environment to a minimum by default, and increase them manually where needed. It will require some work to get this right, and there is always a risk that a lack of permissions could negatively impact functionality. But the extra effort is well worth it if it means preventing someone from taking control of your serverless functions or the external resources that they can access.
MinimizeOne of the reasons why serverless functions, along with other new infrastructure technologies such as containers, have become so popular is that they make it easy to break complex applications into small, discrete parts. This ability can not only improve agility, but also security.
You want to be sure to take advantage of this feature to maximize serverless security. Each function that you write should contain the minimal amount of code, permissions and external dependencies necessary to achieve its goals. Anything else is just unnecessary potential for attacks.
ConclusionServerless functions can not only improve your infrastructure’s scalability and cost-efficiency, but also provide new opportunities for securing your workloads. That is only true, however, if you take steps to address the special security challenges that serverless functions create, such as complex access control configurations and limited native monitoring functionality.
Feature image via Pixabay.