Improving security posture using ephemeral development environments
Ephemeral development environments are a zero compromise solution where security policies can be applied and followed automatically, without impacting developer experience.
TL;DR: Securing development environments is especially challenging when developers often find workarounds to security policies that impact their productivity. Ephemeral development environments offer a no-compromise solution where security policies can be applied and followed automatically without impacting developer experience. Why? They drastically reduce attack surface areas and provide security teams with an ‘eject’ button without hurting development workflows. Ephemeral development environments are now a critical foundation for AI-native software engineering. They drastically reduce attack surfaces and give enterprises a no-compromise path to combine developer velocity with strict security. Ona is this platform - built for the AI-native era.
What is a cloud development environment?
Simply put, cloud development environments are where developers write, test and review code. They are used by companies like Uber, Slack, Stripe and many more in order to improve developer experience, productivity and most importantly, security posture.
A CDE shifts development work off a developer’s physical device and into the cloud. Developers have a ‘window’ into their environment via an editor of their choice, and all of the processing, computation, secrets access and source code is stored remotely, off of the developers device.
Historically, organizations used virtual desktop infrastructure (VDI) to keep sensitive data away from physical devices. However, we now know that VDI can drastically reduce productivity and burn out developers, while being an expensive burden on platform and IT teams. CDEs don’t have this developer experience or security compromise.
Cloud development environments are fully automated, ensuring security best practices are adhered to by default. In Ona, each new development environment is created according to a configuration file stored in the same repository as the developer’s code. This includes things like package management, linters, security scanners, and secure networking config.
Ona environments are truly ephemeral, meaning they are short-lived and temporary. But, why is ephemerality so important for security?
The security benefits of ephemeral environments
Ephemeral environments are short-lived and disposable. This means they only have access to code, systems, and networks for a temporary period of time. Any successful attempt to compromise an ephemeral environment will gain minimal system access as that access is only granted for as long as the environment is actively being worked on by an authorized developer - no persistent network access.
Additionally, ephemeral environments are built to be destroyed. If a breach is confirmed, you can wipe and restart an environment without hurting the developers productivity or workflow, and with confidence that any threat is immediately contained. The impact of this is:
- No accumulated vulnerabilities
- No persistent malware
- Limited exposure to security threats
- Minimized malware risks
- Protection against code exfiltration
In the age of AI-native development, this becomes increasingly important. AI agents can install outdated or vulnerable packages, and poorly generated code is becoming more commonplace in the name of velocity. Running that code in secured, zero-trust environment sandboxes allows developers to ship fast without risking the security of their machine.
Static environments are long-lived and typically hold broad access to more code than the current task, creating a larger vulnerability surface area.
Below is a breakdown of the differences between ephemeral and static environments:
| Ephemeral environments | Static environments | |
|---|---|---|
| Live time | Hours, or even minutes. | Days, weeks, years. |
| Secrets | Secrets are short-lived and temporary. When a developer’s task is complete, access tokens expire. Meaning any leaked access has temporary and short-lived access. | Secrets are long-lived. If an environment is compromised, secrets can be used repeatedly by an attacker for an indefinite period of time. |
| Network access | Ephemeral environments only have access to any networks that they need to complete a given task. | Static environments have access to all networks relative to any work being completed on the device. This often means very broad access to internal systems or networks. |
| Physical compromise | Ephemeral environments run in the Cloud, benefiting from many layers of physical protection. If a compromise is detected, environments can be shut down immediately. | Static environments often exist on physical hardware that can be stolen, preventing easy retrieval of assets like source code. |
| Threat outside of use | Ephemeral environments are shut down when not in use, rendering them only open to attack during active use. | Provided a device has power and is connected to a network, static environments are constantly open to threat. |
| Attack surface area | Ephemeral environments only work on small amounts of source code at a time, and do not provide access to a larger codebase. | Static environments typically store source code for many projects or tasks. If physically stolen, or compromised, exfiltration can be performed on a larger codebase or assets. |
| Ability to reset | Ephemeral environments reset to a known secure baseline, effectively reducing the blast radius upon compromise. | Malware can creep into static environments posing a threat to any future code which is written and pushed to repositories. |
If you’re interested in learning more about how Ona cloud development environments (CDEs) can enhance your security posture and developer experience, book time to speak to our team or try Ona for free below.