Get started Bring yourself up to speed with our introductory content.

Top technological trends hitting the data center soon


Future apps need better security best practices

Source:  Thinkstock

Security must become fundamental to future apps design, according to Gartner.

"All roads to the digital future lead through security," said David W. Cearley of Gartner, speaking at the research firm's ITxpo 2014 in Florida.

Next-generation applications must capitalize on analytical technologies, but future apps also need native protection. These apps will protect themselves by collecting activity data, analyzing it in real-time and immediately reacting to perceived security threats. Start developing application security best practices that are compatible with the flexible, agile enterprise apps needed for modern businesses.

You can't just lock everyone out and lock applications down on the most secure physical systems, with no outside access. To support secure applications, security teams will need to join development and operations staff in the DevOps paradigm, according to Gartner. With security teams' input, developers can build in resilience and intelligence to enterprise applications that also run well and scale with user demand.

View All Photo Stories

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

How has application security changed while you've been in the data center industry?
The growing app reliance on location has greatly changed security for data centers. Next-generation apps have security features that analyze activity data in real time and immediately react to security threats, and data centers supporting these apps must collaborate with developers and institute security best practices that are responsive and agile to the way these apps work.
Contextual IT-- where an app is accessed, historical use patterns, etc. -- for each service or transaction will require this kind of intense collaboration between security and developers.
While I'm not in charge of data centers per se, I do see changes that have come down over the past few years. Mostly I see apps that are designed with one purpose in mind. This segregation keeps them from affecting systems on a grander scale and keeps them from allowing broader access to data centers. Where some apps used to be written to access an entire drive/system/server, there are apps that don't require that level of access to do their job.
Next up, I've seen a lot of verification built right into apps and a proliferation of apps that are served and verified via the cloud. While there still are disks out there, most apps are now installed via the Web or a thumb drive with IT oversight. And verification upon launch is pretty common along with mandatory sign-off and resign in time limits. You can't leave an app open for weeks or months. Now a nightly shutdown is required for many systems where personnel have to be logged out -- or they are automatically logged out when they scan themselves out of a building.
Yes - security needs to be something that's built in and is not reliant on application users to follow certain processes. It remains to be seen whether organizations will actually be proactive on this, however.