Security through Immutable Infrastructure

It’s worth taking every precaution when it comes to IT security. Embracing an immutable infrastructure, an approach where after initial code deployment changes are prohibited on the running system, can improve your overall security posture. Revised code and configuration is deployed to a new set of infrastructure, physically and/or logically separated. Once the updated deployment has been validated and tested, production traffic is directed to the new infrastructure and the previous version is torn down.

It’s the act of tearing down that has significant security implications. Kornelis Sietsma coined the phrase Phoenix Servers in support of immutability to describe the process of new infrastructure rising from the ashes of the previous iteration.

Image: Flying Fire – Karen Eck

We hear about it all the time: aging systems (technical debt) are left to oxidize, leaving security vulnerabilities open. Oftentimes attackers are in these systems for lengthy periods, which is only realized in a post-event forensic investigation. If we set a Time To Live (TTL) on our host environments, forcing us to replace them with each new deploy, the set of vulnerable systems would shrink greatly. Want to put this to the test? Produce a histogram of the uptime of your servers right now; I bet it’s an eyebrow-raising chart.
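The uptime histogram the post suggests, as an added example that is not the author’s: a POSIX shell script that buckets constructed sample uptimes into a histogram and lists the hosts that have outlived a chosen TTL. The hostnames and uptime values are made up; the /proc/uptime collection hint assumes Linux hosts.

```shell
#!/bin/sh
# Added example (not from the original post): histogram of server uptimes and
# a list of hosts older than a TTL, i.e. the ones an immutable deployment would
# already have torn down and replaced.
# Input format, one host per line: "<hostname> <uptime_seconds>"
# On a real fleet the second column can be collected with, for example,
#   ssh "$host" 'cut -d" " -f1 /proc/uptime'     (assumes Linux hosts)

# Constructed sample data: two recently rebuilt hosts and three long-lived ones.
SAMPLE_UPTIMES='web-01 172800
web-02 1209600
db-01 31536000
cache-01 6480000
batch-01 100000000'

# Read "host seconds" lines on stdin, print one row per uptime bucket (in days).
uptime_histogram() {
    awk '{
        days = $2 / 86400
        if (days < 7)        b = "<7d"
        else if (days < 30)  b = "7-30d"
        else if (days < 90)  b = "30-90d"
        else if (days < 365) b = "90-365d"
        else                 b = ">365d"
        count[b]++
    }
    END {
        n = split("<7d,7-30d,30-90d,90-365d,>365d", order, ",")
        for (i = 1; i <= n; i++) {
            c = count[order[i]] + 0
            bar = ""
            for (j = 0; j < c; j++) bar = bar "#"
            printf "%7s | %-10s %d\n", order[i], bar, c
        }
    }'
}

# Print "host days" for every host whose uptime exceeds the TTL (days) in $1.
hosts_over_ttl() {
    awk -v ttl="$1" '$2 / 86400 > ttl { printf "%s %.0f\n", $1, $2 / 86400 }'
}

echo "$SAMPLE_UPTIMES" | uptime_histogram
echo "Hosts past a 30-day TTL:"
echo "$SAMPLE_UPTIMES" | hosts_over_ttl 30
```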

As teams come to grips with this approach to systems operations, automation will improve, code coverage will increase, and your plan for business continuity will receive an uplift. No one will be excited to build by hand if each sprint requires new hardware, so this approach will force a maturity in code deployment.

The economics support this too, as companies shift more workload to the public cloud. You are no longer financially incentivized to run on the hardware you’ve purchased and are depreciating over the next four years. The pay-as-you-go model of the cloud, combined with elasticity and serverless architecture (e.g. AWS Lambda or Azure Functions), is perfectly aligned with immutability.

There is a cultural impact, yet the world is changing, and the blurring of the lines between development and operations engineering is real. Embracing immutability has plenty of benefits, and top of the list ought to be the improvement to security that burning down your server farm will provide.


I usually write while listening to music; today’s inspiration: Jeff Beck’s “Performing This Week … Live at Ronnie Scott’s (Deluxe Edition)”


