MDB Weekly is a multi-format, weekly summary of information from the past week in Modern Digital Business. It's available as an article, an email newsletter, and as a LinkedIn newsletter. It will be published weekly on Mondays.

First Up: Independent Third-Party Observability with Jeff Martens, CEO of Metrist

What happens when observability becomes a commodity and is independently brokered via a third party? Can you monitor your SaaS applications like any other service in your application?

Last week on the Modern Digital Business podcast, I interviewed Jeff Martens, co-founder and CEO of Metrist.

Metrist has built such an independent third-party observability platform.

Listen in to learn more about how commoditization of observability can improve application availability overall.

Listen to the episode here

Last week’s top story: Cloud-native apps are like nuclear submarines

Have you seen the movie Crimson Tide? Every person architecting a cloud-native application should see this movie. In it, a breakaway Russian government threatens a nuclear attack on the United States. A U.S. submarine, cut off from communications with Washington but well aware of the armageddon threat, must decide whether they should launch their nuclear weapons against the rogue government to stop the threat. The two senior officers on the submarine (Gene Hackman and Denzel Washington) disagree on whether the weapons should be used, but both must agree and use both their respective launch keys to activate the missiles. The simple act of disagreeing on the outcome keeps the missiles from being launched by either of them.

This is the philosophy behind a critical application security principle often ignored by companies building their internal infrastructure security architecture for their cloud-native apps. The principle is called the “Principle of Separation of Duties,” and it is critical for the IT infrastructure of all applications and businesses, large and small.

Why is this important?

Do you have “special people” in your company? These people have extra access to the operational IT infrastructure, application data, and application itself that most people don’t have access to.

They have these permissions so they can fix things when they break. If a server goes crazy, someone needs to log in as “superuser” to fix the problem, right? And you certainly don’t want to give superuser access to everyone. So, some people have these special permissions and can be called in when specific jobs need to be accomplished.

Having employees with special capabilities like this can be expedient for your application and business. But, universally, having employees with this level of access is a bad security practice.

This is where the Principle of Separation of Duties helps out.

How can this principle help with cloud-native app security?

Read the full article in last week’s Container Journal.

Also last week: DBTA/Cockroach Labs webinar

Topic: How to Architect Highly Available Apps for Scale in the Cloud

Last week, I was interviewed for a live webinar on database trends and applications. The webinar was sponsored by Cockroach Labs, the maker of CockroachDB. Cockroach Labs is a sponsor of my O’Reilly Media book, Architecting for Scale, and Andrew Marshall, VP of Product Marketing and Developer Relations at Cockroach Labs, talked to me about scaling now, in the past, and in the future. Not surprisingly, given the forum and audience, we focused heavily on the data aspects of scalable applications.

If you want to watch a recording of the webinar, it’s live on the DBTA website. Click the link below.

Watch the Webinar

I hope you enjoyed this edition of Modern Digital Business weekly. If you enjoyed this, check out other formats available, including email. All versions are released weekly on Mondays.