Secure Code Deployment for Offshore Development: Balancing Security and Efficiency

Question

A security engineer is designing a system in which offshore, outsourced staff can push code from the development environment to the production environment securely.

The security engineer is concerned with data loss, while the business does not want to slow down its development process.

Which of the following solutions BEST balances security requirements with business need?

Answers

Explanations

A. B. C. D.

B.

The scenario in this question involves a security engineer who needs to ensure that offshore, outsourced staff can securely push code from the development environment to the production environment. The security engineer is concerned about data loss, but the business does not want to slow down its development process.

Option A suggests setting up a VDI environment that prevents copying and pasting to the local workstations of outsourced staff members. This solution can provide a high level of security as the outsourced staff members will be working in a controlled and isolated environment. However, this approach may slow down the development process and add complexity to the workflow, making it more difficult for the staff to work efficiently.

Option B suggests installing a client-side VPN on the staff laptops and limiting access to the development network. This approach can provide secure access to the development network from outside the organization. However, this solution can still be vulnerable to data loss if the staff members' laptops are lost or stolen, or if the VPN connection is compromised.

Option C suggests creating an IPSec VPN tunnel from the development network to the office of the outsourced staff. This solution can provide a high level of security as it establishes a secure connection between the two networks. However, this solution can also slow down the development process, as the staff members will need to connect to the VPN before they can access the development network.

Option D suggests using remote SaaS to provide administrative sharing in production. This solution can provide a high level of security as the staff members will be working in a controlled and isolated environment. Additionally, this solution can speed up the development process as it does not require the staff members to connect to a VPN or work within a VDI environment. However, this solution can also introduce dependencies on third-party services, which can be a risk factor for the organization.

Overall, option D seems to best balance security requirements with the business need as it provides a high level of security while also enabling the staff members to work efficiently without introducing unnecessary complexity or delays. However, it is important to note that each solution has its own advantages and disadvantages, and the final decision should be based on the specific needs and circumstances of the organization.