(June 14, 2017)

Authorization and authentication with Microservices

Logging in to a website is so easy: I enter my username and password and can use the site. That's it.

What seems so simple is actually simple if the site is based on a monolithic application. But what if a website is powered by multiple microservices? How do the microservices know that a user is who s/he claims to be, and how can this be handled efficiently? The use of JSON Web Tokens can provide a secure and high-performance solution here.

Read more »
(May 17, 2017)

5 tips to prevent your system from getting infected by ransomware attacks like WannaCry

As many of you probably know, on May 12th, an international cyberattack started infecting more than 230,000 computers in over 150 countries with the worst-hit countries being Russia, Ukraine, India and Taiwan and including many others worldwide. In Europe, some of the worst hit enterprises were Telefonica, FedEx, Deutsche Bahn, Latam Airlines and parts of Britain’s National Health Service.

Read more »
(February 17, 2017)

JSON Web Tokens: How to authenticate users in a microservices environment

Logging in to a website seems to easy: Enter user name and password and you are good to go.

Read more »
(February 10, 2017)

CIOs’ top three priorities in 2017 – how can Enterprise Architecture help?

The new year has arrived and now is a good time to get familiar with the CIOs’ key strategic priorities and concerns they have in mind for 2017. The Nomura Holdings CIO Survey does just this by examining their budget priorities for this cycle.

Read more »
(February 08, 2017)

GDPR EU compliance – an opportunity for Enterprise Architects?

The General Data Protection Regulation, or GDPR EU (Regulation EU 2016/679 of the European Parliament and of Council of 27 April 2016) is a regulation of the European Union introduced to improve and unify personal data protection of individuals within the European Union. It enters into application in May 2018. 

Read more »
(October 04, 2016)

IT Security Management - an EA-driven approach with LeanIX Survey

As the requirements mentioned in our previous posts in our series on IT Security Management with LeanIX Survey clarify, a purely technical approach alone is not enough. In the current business environment, it will hardly be possible anymore to completely seal off one’s own IT landscape. Companies should instead follow a lean IT security management approach that makes it possible for them to iteratively improve their IT security:
Read more »
(September 04, 2014)

Critical SSL bug discovered - how leanIX protects customer data

On April 7th a security issue has been discovered in the Open-Source software OpenSSL. This widely used library encrypts all data exchange between webservers and browsers. Due to a programming error in OpenSSL it is possible to read a certain memory area on the server. Unfortunately this area is sufficient to steal the private key used for the encryption of the traffic. If an attacked gets hold of the private key, he could decrypt the data between browser and webserver. As the bug is located in the so called "heartbeet" function of OpenSSL, it was named "Heartbleed-Bug".
Read more »

Subscribe to Email Updates