Every day, technology, from the household to outer space, is evolving at a rapid pace. It almost seems that, by the time you unbox a new phone, its components are already obsolete. For tech companies of all sizes, this rapid pace of change can be both exciting and frustrating. For instance, when deciding on a company’s tech architecture, it can feel as if new and relevant technology emerges the moment the R&D phase is done.

Watch engineers debate the virtues of one programming language over another and, sooner or later, the debate will escalate into a full-blown argument. If we get past the war of words, however, we see that the technical differences between languages matter less than broader social factors.

In startups, entrepreneurs and engineers often convince themselves that they should choose the “latest and greatest” technologies. While that’s neither right nor wrong, it is important to understand the particular needs of a startup before proceeding. Primarily, startups should choose languages that the founding technical team can use comfortably—rather than coding languages that consultants prefer or recommend. Fluency with conversation and idioms can make a vast difference in productivity and helps teams avoid consistent, minor technical problems. Further, it’s easier to hire experienced, excellent talent if the tech architecture uses more mainstream languages and tech stacks. It is also easier to find resources online to use the technology to its fullest extent.

For a real-world example, take Java. Java was released in January 1996 and is now used on billions of devices. Java 10 was released in March 2018. Still, if we look in the market for resources covering Java 8 with its complete features, there are only a handful. For RxJava and Kotlin there are even fewer.

Choosing a language is not only a matter of language selection; it is more about creating a culture across the entire ecosystem. Netflix took Java with Spring Boot and created the complete Spring Cloud, which is widely accepted by the enterprise world as well. One must think about the purpose: if it is scientific computing, then Python is the go-to language, but for an enterprise application Python will suck up bandwidth and delay the project.

In startups, speed is arguably the most important variable to consider. The technology used should be such that it can be easily implemented by developers, and can get the support needed online to maintain that same pace of development. Your architecture must also be robust so that technology can be replaced if something more up-to-date appears in the market.

Regardless, here are a few points to consider:

    • Start from your current runtime requirements (OS, hardware, servers, cloud infrastructure etc.).
    • Pick a standard framework for development, like Spring Boot, Spring Cloud etc., which are proven in the market and have sufficient resources.
    • Pick a stable version of the language that suits your requirements; do not go for a beta version or new features which have not ‘tested the water’.
    • Languages and technologies must have solid community support. Languages with little support tend to die out because developers tend to leave them and shift to other languages.
    • These languages and technologies should have proper documentation, like user manuals and detailed use cases.
    • If common features have already been built out by the community, you should incorporate those features into your system.

In our system, we adopted both scenarios and found that when we started with stable and proven technologies, we were more comfortable and development was quite fast. For example, Java 8 with Spring Boot, Spring Cloud, Eureka, Config Server and a messaging layer gave us enough resources (blogs, articles, StackOverflow) to solve problems and was quite easy for the team to adopt. At the same time, when we started Kotlin with the React framework and an offline strategy, it took time to reach stability. Due to the lack of resources (blogs, articles, StackOverflow), it took time to solve the problems the team faced.

There are endless debates about choosing the right programming language, but the choice matters less than the speed at which the application is rolled out in the field. A scalable and robust architecture, reusable components and workflow-based modules are key to success in any product development. In the current era, opting for microservices, and defining the endpoints, their communication and fallback, is preferable. Later, when your application requires scalability, components that throttle your speed can be replaced with better technology. If an organisation wants to diversify the product, reusable services significantly reduce development time; sometimes you already have everything and just need to create the right workflow.

In my last blog I discussed the overview of cyber security and the different types of attacks. Now let us explore insider attacks in detail.

Internal Attack:

Employees and contractors have significant knowledge of the organization’s primary security mechanisms (e.g. firewalls, access controls, physical access controls). Systems are built for the untrusted external attacker and not for the trusted insider. People working for or within the organization are aware of the mechanisms in place and can use this knowledge to circumvent defenses.

In order to overcome this advantage and realistically address insider threats, organizations need better capabilities. Areas could be context-based monitoring, advanced behavior anomaly detection, and link-analysis driven investigation.

Authorisation Creep (Deliberate/Malicious Insider):

A user gets a set of access rights after joining the organisation and is soon transferred or promoted to other departments, thus gaining further sets of access rights and also major productivity classes.

Countermeasures:
  1. Appropriate SoD (segregation of duties) must be defined for access to systems.
  2. Only the necessary privileges should be given to a user.
  3. All privileges should not be given to a single person.
  4. The system must apply the four-eyes or six-eyes principle to prevent such attacks, and it must be audited regularly.
  5. Ensure that security patches are reviewed and tested beforehand.
  6. Also, the deployment of the patches to the OS should be performed promptly.
  7. For bigger patches, monitoring of the system is beneficial.
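
An added example (not from the original post) of the periodic access review that catches authorisation creep: it compares each account's accumulated entitlements with the baseline for its current role and checks the SoD rules. The role names, entitlement strings and conflict pairs are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed role baselines: the entitlements each role needs (least privilege).
ROLE_BASELINE = {
    "ap_clerk": {"invoice.create", "vendor.read"},
    "ap_manager": {"invoice.approve", "vendor.read", "report.read"},
    "treasury": {"payment.release", "report.read"},
}

# Constructed segregation-of-duties rules: pairs no single user may hold together.
SOD_CONFLICTS = [
    ("invoice.create", "invoice.approve"),
    ("invoice.approve", "payment.release"),
]

@dataclass
class Account:
    user: str
    current_role: str
    entitlements: set  # everything granted so far, including from earlier roles

def review(account):
    """Return (excess entitlements, SoD conflicts held) for one account."""
    baseline = ROLE_BASELINE[account.current_role]
    excess = account.entitlements - baseline
    conflicts = [pair for pair in SOD_CONFLICTS
                 if set(pair) <= account.entitlements]
    return sorted(excess), conflicts

def access_review(accounts):
    """Build a revocation worklist: only accounts with creep or conflicts."""
    findings = {}
    for acct in accounts:
        excess, conflicts = review(acct)
        if excess or conflicts:
            findings[acct.user] = {"revoke": excess, "sod_conflicts": conflicts}
    return findings

# Constructed sample: 'asha' was promoted from ap_clerk to ap_manager and kept old rights.
ACCOUNTS = [
    Account("asha", "ap_manager",
            {"invoice.create", "invoice.approve", "vendor.read", "report.read"}),
    Account("ravi", "treasury", {"payment.release", "report.read"}),
]

if __name__ == "__main__":
    for user, finding in access_review(ACCOUNTS).items():
        print(user, finding)
```

Running the review on every transfer or promotion, not only on a schedule, keeps old rights from carrying over into the new role.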

An employee can become a malicious insider threat when there is job frustration, persuasion by a competitor who is trying to hire him or a financial motive.

Based on the lack of security and control around critical information, the malicious insider will often copy large amounts of proprietary data either to the cloud, a USB device or a personal device. While this seems very simple and basic, it is extremely effective and happens on a regular basis.

Accidental Insider:

An accidental insider is someone who is tricked or manipulated into doing something that ultimately harms the organisation. Some people further categorize the accidental insider threats into “the infiltrator” and “the ignorant insider.” The infiltrator situation occurs when an adversary accesses a user’s system or steals credentials to gain access to a system.

The ignorant insider is a situation that occurs when an adversary convinces the user to click on a link or open an attachment, which ultimately causes the user’s system to be compromised.

Since both cases are caused by a user action that ultimately results in a system or account being compromised, we group these types of threats together.

Prevention and Mitigation of Internal Attack

  1. Enforce clear security policies and guidelines to minimize the risk posed by both intentional and unintentional security incidents.
  2. Implement the rule of least privilege, which means that employees should only have access to the information resources necessary to perform their daily tasks.
  3. Access control mechanisms enable companies to specify and implement monitoring and auditing requirements.
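
An added example (not from the original post) of the monitoring in the last item, applied to the bulk copying to cloud, USB or personal devices described earlier: each user's daily volume to external destinations is compared with that user's own history. The log format, user names and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed file-transfer log lines (format is an assumption for this example).
LOG = """\
2024-05-01 user=asha dest=fileserver bytes=50000000
2024-05-01 user=asha dest=usb bytes=2000000
2024-05-02 user=asha dest=cloud bytes=3000000
2024-05-03 user=asha dest=usb bytes=1000000
2024-05-06 user=asha dest=usb bytes=400000000
2024-05-06 user=asha dest=cloud bytes=250000000
2024-05-01 user=ravi dest=cloud bytes=80000000
2024-05-02 user=ravi dest=cloud bytes=90000000
2024-05-03 user=ravi dest=cloud bytes=85000000
2024-05-06 user=ravi dest=cloud bytes=95000000
"""

EXTERNAL = {"usb", "cloud", "personal"}  # destinations outside company control

def daily_external_bytes(log_text):
    """Sum bytes per (user, day) for transfers to external destinations only."""
    totals = defaultdict(int)
    for line in log_text.splitlines():
        day, *fields = line.split()
        kv = dict(f.split("=", 1) for f in fields)
        if kv["dest"] in EXTERNAL:
            totals[(kv["user"], day)] += int(kv["bytes"])
    return totals

def flag_bulk_copies(log_text, factor=10, min_history=3):
    """Flag days where a user's external volume exceeds factor x their own
    median of earlier days; users with too little history are skipped."""
    per_user = defaultdict(list)
    for (user, day), total in sorted(daily_external_bytes(log_text).items()):
        per_user[user].append((day, total))
    alerts = []
    for user, days in per_user.items():
        for i, (day, total) in enumerate(days):
            history = [t for _, t in days[:i]]
            if len(history) >= min_history and total > factor * median(history):
                alerts.append((user, day, total))
    return alerts

if __name__ == "__main__":
    for alert in flag_bulk_copies(LOG):
        print("ALERT", alert)
```

The per-user baseline is what keeps a steady heavy user from alerting while a sudden spike from a normally light user does.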

Cyber Security – Different type of Attacks

To be continued…..