Securing Developer Environments: Key takeaways from our August webinar

There’s a spectrum of security requirements for development environments. And there’s a variety of security measures to meet those requirements, from cloud repos with public package repositories to air-gapped, 100% offline setups. Coder supports these and several security measures in between.

Another advantage of Coder’s platform agnosticism is letting you configure your development infrastructure to meet your security requirements. You do this by using your preferred OS, runtime and orchestration platforms, cloud providers, an on-premise hardware. In our August webinar, Tim Quinlan, Coder’s Senior Technical Marketer, gives detailed advice on securing your development environments.

From standard to isolated

Security in dev environments can be seen as a spectrum, from low to high. The higher on the spectrum, the greater the need for protection. This spectrum helps you choose the right security measures for your developer infrastructure:

• Standard: At one end of the spectrum, cloud-based repos and public package repositories meet the needs for environments like an open source project.
• Controlled: In the middle, where you’ll find enterprise organizations, there’s a mix of cloud and on-premise services, and other security measures like a VPN.
• Isolated: At the other end of the spectrum are the highest security requirements, used by organizations like government agencies. Their environments are air-gapped with 100% self-hosted developer infrastructure.

Setting up Coder for your security needs

There are a few techniques that you can choose to implement with Coder for controlled and isolated security. Coder itself already follows industry-standard security practices. You can harden your environments even more by reducing your infrastructure’s exposure to outside services:

• Coder control plane: Instead of using the public Terraform registry, you can fully isolate it to refer to locally-hosted providers.
• Workspaces: Coder lets a productivity team choose how a template gets container images, packages, and IDE extensions, either online or offline.
• JetBrains IDE Backend: JetBrains IDEs use the JetBrains IDE Backend. The IDE installs this backend remotely to run in the remote development environment. For offline setups, you can avoid this by “baking” JetBrains IDE Backend into the workspace.
• Envbox and Envbuilder: Developers use Coder’s Envbox to run system-level software in a non-privileged inner container hosted by a gated outer container. Envbuilder lets a workspace build a new inner container image which it then overlays onto the workspace’s file system. With Coder running on Kubernetes, you can use image pull secrets to let an inner container securely authenticate itself with outside services.

Learn more

Coder supports a wide range of security measures for development environments, from public access to high-security air-gapped self-hosting.

You can find out more about securing development environments by watching the webinar. Register here.

And you can join our other webinars on cloud development environments and Coder, live and on-demand.