by PJ Christie
CabForward℠’s goal is to produce quality software that survives any crisis.
“To increase your software’s survivability you need to recognize that safety critical systems cannot be truly safe unless they are also secure.”
Once your organization has made the decision to leverage Rugged DevOps and software design in your cloud applications, we encourage you to work proactively to reduce risk, beyond the typical process of reacting to incidents and only then building in the safeguards to protect it.
We believe there are two standards of survival as it relates to the cloud app.
A system that shuts down to protect itself is not survivable. A system that is able to operate with partial resources available can be considered surviving at less than optimal capacity. The definition we are working towards is where a system under attack can defend itself by making parts unavailable to an attack or failure, while primary critical resources can continue operating.8651808823 cc76cf1a72 n
For example consider email. Few organizations would not include email on a list of critical applications for their day to day operations. Part of the email software might include a non-critical spam filtering system. If something goes wrong with the spam filter, no enterprise would have a problem with tolerating spam for a short period of time if it meant they would continue to send and receive email.
Rugged software can keep the primary critical system operating, alerting the dev team to the source of the problem including whether it is a performance problem or system failure. The dev team creates a patch to solve the problem, unit tests it, pushes it to the Continuous Development environment where it is again tested and if it passes, push to production.
Within Rugged DevOps, the overlap of software and architecture, the distinction is rarely as clear. Is the system caching in place considered critical to safety and security? Usually not. But if that system caching assists in the authentication of the user, it is.
What standards does your IT Department or Software Developer have in place to improve the survivability of your web application?