Building modern applications - what to consider around data, value and security

Fintech and banking teams today are building new applications or modernizing their existing ones, and they have to meet strict compliance objectives. At the same time, they want to deliver software innovations faster and more efficiently. To achieve this, software teams are using containers, microservices and APIs to decouple and modularize their monolithic apps into smaller discrete components. Serverless computing helps agile teams build modern applications that are paid for as they get used, rather than requiring big upfront investments. 

When you implement these new and innovative technologies, you have to think about  perimeter-less security and the sensitivity of security operations telemetry. Whether you are a bank covering millions of accounts or a fintech company targeting new digital users, keeping those customers safe and secure should be the top priority. But the models that used to work are no longer suitable in these estranged times. 

Both serverless computing and containers are ephemeral, and also immutable in nature- they can exist for short periods of time and then be broken down again. When these components can change and can run temporarily, all telemetry must be captured for analysis and correlation before disappearing. If you rely on a traditional approach, then your security model may not be fit for purpose.

Transforming your approaches to IT and security

Working with a clean slate around technology and with the freedom to pick new technologies that deliver more flexible working patterns for developers at lower costs can be a huge advantage when you are starting out. However, you cannot ignore regulatory security and compliance requirements when you start down this path. Traditional approaches like vulnerability scanning, threat detection, investigation, recovery and resolution of an incident  can’t keep up when a component may only exist for minutes and the sensitive telemetry insights are hard to capture.

All modern application implementations have to deliver trusted data and good context on their operations, no matter how long an object or set of components operate for. In turn, this will provide you with insight into how the application or underlying micro service is performing and deliver better root cause analysis to detect, investigate, resolve and recover quickly from an incident. This can then be used for checking that applications are performing as expected and that they are meeting their real-time objectives. 

Any change and deviation from this could be a software development or software configuration issue, a fault in a third party component, weak security posture, a problem with non-compliance or an attacker trying to exploit the software development lifecycle (SDLC). All these potential issues must be managed and regulated. 

Consolidating security information 

Achieving centralizing security around modern SDLC implementations involves managing all your data into one place, and then understanding this information in context. Cloud Security Incident and Event Management systems (SIEMs) provide security analysts with this consolidated set of data, with contextual insights. Traditional SIEMs can cover on premise deployments, while Cloud SIEMs can provide security analysts with enhanced visibility for their heterogeneous hybrid and multi-cloud infrastructures.

Not all data is created equally. Modern applications create huge volumes and variety of data, and coping with the sheer veracity and velocity from cloud infrastructure and underlying services is essential. For banking security teams, managing the volume of alerts, causes fatigue, easier to solve if more skilled people are available. For Fintech companies with smaller teams, more automation and smarter real-time decision making processing of data is essential. This is especially important when the IT resources you use scale elastically over time, where your team is small, and where you want to achieve optimal economics.

According to my colleague Ben Hunter, Financial Services Sales Director UK at Sumo Logic, “Fintech companies are often inherently lean in terms of their setup, from people through to architecture. These companies tend to adopt cloud-native approaches from inception for their tools and technology, as this helps them get to market faster. They also typically have the luxury of making decisions around the technology they use with less bureaucracy.”

Looking at how to create more business value from data across your SDLC operations should be on everyone’s list of priorities. As an example, unified observability of telemetry provides the necessary insight for how your new and modernised applications are performing and compliant. However, this data can underpin your integrated approach to security as well. Consolidating data with real-time context and using it in this way helps you streamline your operations readiness and achieve improved return on investment with the same investment. For fintech companies that run with lean teams, this can reduce costs and ensure more efficient operations.