New York City Takes a Cloud-First Strategy
New York City helped keep essential services secure and reliable by adopting IaC along with a cloud-first strategy using Google Cloud Platform.
New York is using declarative IaC, says Colin Ahern, New York City’s deputy CISO, in a recent webinar. “Infrastructure as Code as an operational model and the zero-trust framework as a security architecture are, I think, the two most important elements for any successful cloud deployment,” Ahern says. For New York, an important part of this IaC and cloud strategy was to deliver business value as a city government by letting “computers and robots do computer stuff and people do people stuff,” he explains.
“Automation gives our analysts the time to focus on more interesting and technically challenging pieces of the analysis,” adds Quiessence Phillips, deputy CISO for threat management at the New York City Cyber Command, in the webinar.
In addition, an open-source framework brings the flexibility to collect telemetry data quickly for the city, according to Ahern.
Infrastructure as Code Offers a Speedy Response to Threats
With IaC, government agencies can speed up their response to threats.
“In many cases, Infrastructure as Code just means the developer can have access to code faster,” Bowker says. He explains that IaC runs inside the data center of a cloud provider like Google Cloud.
“That code is mapped to cloud infrastructure running in a Google data center that can easily be quarantined, easily be monitored, easily be alerted if a threat should be detected or the application developer or architect or a company or agency needs to make any changes,” Bowker says.