Today I dedicate the following topic of the evening. I had a lot of thoughts on this topic. To move everything to a software defined environment is a good thing on simplification of the environment, but with this effort we open the security level of these solutions. For a specified environment a simple person not able to have access. If we move solutions we gave access to our solutions for those persons, who we want to secure our environment.
From this perspective, I much more believe in a specialized environment. If no one able to get access to our system, the system will more secure to external vulnerabilities. I think that ASIC, and FPGA devices have a more secure environment than x86 systems.
I fully agree with the companies who hide their environment from the public. My favorite is the NYSTE. They have a separate environment to reproduce errors in a separate environment. The team who reproduces the errors in most of the cases not even know how the production system works.
These developments will be more important in the future. If we able to hide our environment more, than it expected, we can increase the security of our environment.
As the cyber security threats increase, these topics will be much more important. In the future the company who able to hide their environment will gain business benefit. This will put the question in a different context: What we need to use? Boxed, or custom solution?
Custom solutions are a valid scenario, if the company has a professional team who able to deliver, but in other cases they able to make more trouble with developments.
These threats can be managed with a good code quality assurance.