Due to the increasing number of ransomware and security breaches, premiums for cyber-insurance have gone up by 10 to 40 percent in recent years. Ara Aslanian, CEO of Inverselogic says “Minimum security requirements have definitely changed, especially the way insurers review the companies," Aslanian says. “Previously, the checking process was mostly conducted by self-assessment, which meant the insurers would send companies self-assessment sheets for them to check the boxes. Now insurers are hiring professional companies to verify if the systems or protocols these companies have in place really reach the standard and fulfill requirements." 

Heroku Private Space and mTLS: Heroku Overview

Per Heroku, the Platform-as-a-Service (PaaS offering) is a “network isolated group of apps and data services with a dedicated runtime environment, provisioned to Heroku in a geographic region you specify” Essentially the platform provides a more secure environment for running containerized apps. 

Architecture

Multi-tenancy is a common approach many cloud providers use to maximize space on their servers. With multi-tenancy, each client gets a portion of space and resources on the same server. This approach may be suitable for many use cases. However, some companies may have more stringent needs that require additional security practices. For example, some may be subject to regulations such as (Health Insurance Portability and Accountability) HIPAA or (Service Organization Control) SOC2. That’s where Heroku can help.

Heroku Private Space and mTLS: Benefits of Heroku Private Space

This platform offers several benefits that make it an ideal environment. Each of these benefits ultimately alleviates companies from handling the many tasks associated with maintaining a secure environment. The benefits include:

Security

The PaaS offering helps companies build a consolidated architecture that combines on-premise systems with cloud solutions in a single managed environment. The company provides Postgres EX, Redis EX, and Connect EX as unique versions of the services that can only be run on the platform.

Performance

Each environment features a dedicated runtime that has smart containers which help maximize resource usage to realize significant performance.

Perfect for Microservices Environments

Each space allows companies to run private dynos along with their smart containers that communicate with each other over a private network. The benefit of this is the ability to create sophisticated and powerful application architectures using microservices.

Scalability

The environment can scale as needs change. This allows companies to get started with the space they need without investing significant upfront costs. Additionally, the platform can scale vertically by providing access to more processing and CPU as demand increase.

Supports Continuous Integration

In the age of digital transformation where agility is key, the ability to deliver products is essential. The platform supports your continuous delivery by integrating with several industry-standard tools such as GitHub.

Heroku Private Space and mTLS: What is mTLS

Mutual Transport Layer Security (mTLS) is an industry-standard communication protocol. It is a two-way authentication method that requires both the client and the server to validate their identities to one another. The protocol works on the premise of certificate exchange between the two. This minimizes the chance a hacker could impersonate a valid user to log in.

Heroku Private Space and mTLS: How They Work Together

Both of these technologies support building a secure cloud-based infrastructure. In this approach, both on-premise and cloud applications that need to communicate with each other can use mTLS to make a secure connection. The process is as follows:

  1. The client connects to the server
  2. The server supplies its mTLS certificate
  3. The client verifies the certificate
  4. Once verified, the client supplies its certificate to the server
  5. The server verifies the client's certificate
  6. If the verification passes, the server grants access
  7. The client and server exchange information over an encrypted mTLS connection

ETL With Heroku Private Space and mTLS

Extract, Transform Load (ETL) is a robust and automated method for consolidating data from multiple sources into a target system such as a data warehouse. ETL is the foundation of many critical business functions such as customer data analysis and Business Intelligence (BI) reporting. With this approach, companies can securely ETL data from on-premise systems and other cloud services to Heroku

How Integrate.io Can Help

Integrate.io is an all-in-one platform to build high-performing data pipelines. The tool allows anyone within the organization, such as citizen integrators, to build pipelines without requiring any technical knowledge. The system works by providing prebuilt blocks of code, called integrations, that can be combined into a pipeline. Integrate.io has hundreds of these integrations for a wide variety of systems such as SalesforceGoogle Analytics, and Amazon Redshift to name a few. Sign up for a pilot of Integrate.io and try the platform for free!