{"id":17235,"date":"2019-05-10T15:31:12","date_gmt":"2019-05-10T14:31:12","guid":{"rendered":"https:\/\/www.devopsonline.co.uk\/?p=17235"},"modified":"2019-05-10T15:31:12","modified_gmt":"2019-05-10T14:31:12","slug":"could-idaas-be-the-olive-branch-between-security-and-developers","status":"publish","type":"post","link":"https:\/\/devopsnews.online\/could-idaas-be-the-olive-branch-between-security-and-developers\/","title":{"rendered":"Could IDaaS be the olive branch between security and developers?"},"content":{"rendered":"
Could IDaaS be the olive branch between security professionals and developers?<\/em><\/p>\n
Developers and IT security have not always seen eye to eye. Actually, they rarely see each other at all. There seems to be all too little interaction between the two disciplines, and when they do interact there can be conflict.<\/p>\n
While developers are often concerned with building skyscrapers on tight deadlines, security professionals can seem like the Health & Safety department, holding them back.<\/p>\n
It\u2019s not hard to imagine the reasons they might seem distant. Developers have a reputation for writing insecure code and behaving in an insecure way. When apps are released without security oversight, it can cause a lot of headaches for IT security. Moreover, developers can often wield powerful permissions in a network, making them good targets for cyber-criminals.<\/p>\n
Security for them is often not high on their list of priorities, especially with the ever diminishing product life cycles and deadlines that they have to deliver to.<\/p>\n
IT security on the other hand, has a reputation of being the ‘Department of No’. They point out big problems in otherwise great inventions and the architectural flaws they spot get developers in trouble. Moreover, their interventions often have the unfortunate side effect of slowing down the development process.<\/p>\n
Suddenly, a complete piece of work becomes something that\u2019s full of gaping holes, all of which need to be fixed before release. In a time when the pressure is always mounting on businesses to develop new products and meet ever tighter deadlines, security is too often seen as a barrier.<\/p>\n
It is also, in part, the product of a different mindset. Development as a discipline is simply not directly concerned with well, security and vice versa. Some might even say that for a developer to take too much interest in security would undercut their critical function, in the same way a security professional too focused on an app launching on time might seem distracted from their job.<\/p>\n
It\u2019s an imperfect situation that can leave one party looking like irresponsible children, and the other looking like overbearing parents.<\/p>\n