To All Articles

How Serverless Computing Is Making Remote Work Secure

Published on June 24, 2020
Source: Rawpixel

As the pandemic begins to slow down, many businesses have to decide whether to bring their employees back to the office or let them work remotely. 


Although corporations like Twitter have announced that they will let their employees work remotely indefinitely, smaller companies often do not have the right infrastructure to facilitate long term remote work. 


The standard solution is to use remote access technologies like Remote Desktop Protocol (RDP) and Virtual Private Network (VPN) to connect to existing infrastructure. Expectedly, since the onset of the pandemic, the use of these technologies is up by 41% and 33%, respectively.

Security is key

However, the problem is not with the technology itself but with how it is managed. More than half of SMEs in the US use outdated operating systems. Then there are unprotected servers and insecure access points that are used for remote connections. 


Employees can further complicate matters because they can use unpatched personal devices over unprotected internet connections to access their company’s servers. Although you can reduce the risk of human error by teaching your employees the rules of cybersecurity hygiene, vulnerabilities in outdated technology are harder to solve. 


The importance of data security is hard to overstate. As we have learned from multiple data breaches in the last decade, even a single vulnerability can compromise entire systems and jeopardize consumer data. While security professionals can create a relatively controlled and secure environment in an office, doing so remotely is more complicated. 

When to go serverless

The modern alternative to these issues is to go serverless. In fact, according to IDC, more than 90% of enterprises worldwide will rely on a mix of cloud environments to meet their infrastructure needs by 2022.


Moving to the cloud can secure your information, make it accessible from any device, and allow all updates and other critical security procedures to be performed remotely. Mobile device management (MDM) systems can even secure all mobile devices remotely by auto checking and prompting their users to update.


Serverless infrastructure means developers don’t need to upload code to servers or do any backend configuration when releasing an application. Infrastructure configurations and deployment settings can be versioned, reviewed, tested, and released with continuous integration. From the technology standpoint, serverless computing increases flexibility, scalability, and accessibility, which help to roll out new features faster.

What if something goes wrong?

Some may argue that going serverless won’t allow you to have full control over your company’s data. The simple solution is to encrypt your information, so cloud providers don’t have access to it. Multiple layers of encryption not only protect it from the providers but from third parties and cybercriminals as well. 


Another common cause for concern is what happens if there is no internet connection. Hybrid solutions where data is backed up onto local servers from the cloud ensure that no data is lost. This additional safeguard not only creates an instant recovery point but can also be used if data on the cloud becomes compromised by intruder, for example. 


Furthermore, implementing a multi-could compatibility system lets you deploy code to different cloud providers such as AWS, Azure, or GCP. By putting your eggs into different baskets, you maximize the security and reliability of your data. 


Going serverless can be a challenging process for inexperienced programmers. Misconfigured serverless infrastructure can backfire and open your company to unseen vulnerabilities. It is important that everything is configured by an expert. We recommend DevOps as a code solution to eliminate this risk of human error.

We can help

At Itirra, we are focused on creating cloud-first applications designed with scalability, security, and privacy. We ensure data encryption in transit and at rest, create a full audit log, monitor all decryption activities, and provide a role-based permissions scheme.

 

We can help you integrate with 3rd party systems such as O365 (Azure AD SSO) and G-suite (SSO). These systems and apps give you access to a centralized dashboard that shows a complete user workflow, eliminating the need to switch between multiple apps, and repeatedly put in credentials into different systems and apps.

 

If you want to find out more or to discuss how we can help your business during these uncertain times, contact us or schedule a meeting with our CEO, Michael.