The pandemic fundamentally shifted expectations for developers working remotely or in a hybrid model, where they expect to come to the office far less than they did in years past.
From a November update to the Harness Developer Satisfaction Survey, 74% of respondents indicated that they want to continue working remotely once their company fully returns to in-person work. (The New Stack has reported the benefits of remote work previously.)
Having developers work remotely also comes with some challenges for companies, with the increased risk of code exfiltration by employees who potentially want to take projects with them and the potential complexity around configuring dev environments without the more homogenous infrastructure that comes with supporting a team from a single campus.
To address these challenges, itopia has announced its new fully-managed, ready-to-code itopia Spaces cloud environments. These environments are cloud workspaces designed to be launched from a browser, complete with all necessary preconfigured dependencies in place and configurable security controls to help dictate what developers can and can’t do when working from their remote workspaces.
Improving Security for Remote Teams
Spaces is based on Selkies, the open source stateful workload operator originated by the Google Cloud team. This implementation leverages server-side rendering, which means source code is not sent to browsers in text format, reducing the risk of scripting attacks and browser vulnerabilities.
“Developing on Spaces is inherently more secure than conventional development workflows by virtue of Spaces being a web app,” Jan Van Bruggendeveloper relations lead for itopia, told The New Stack.
“By moving development environments into the browser, project source code is downloaded and stored in the cloud instead of on all developer laptops. This endpoint isolation prevents physical exfiltration of code from lost, stolen, unreturned laptops, ensuring that an active authorization is always required to view a project’s codebase.”
Balancing Security and Productivity
Maintaining a delicate balance between developers having a seamless work experience and systems administrators protecting corporate interests is a consistent challenge. Spaces allows administrators to define network policies, prevent copy/paste, implement session timeouts, and provide one-click offboarding for departing developers.
With regard to potential developer friction, Van Bruggen said, “The only productivity/security tradeoffs are related to opt-in security features for your team’s administrators.
“For example, a strict network policy may prevent developers from on-the-fly downloading a helpful executable from a website they trust. However, any such productivity obstacle can be overcome by an administrator updating a space’s configuration to provide exactly what their developers need.”
Spaces uses single sign-on and developers are granted superuser privileges within each space. The video below provides a preview of what the internal development environments look like.
Migrating to Spaces
For teams that are considering a move to Spaces from their existing development environments, itopia recommends an incremental approach.
“Existing developers will want to get comfortable with their new ‘virtual second laptop’ by porting their personalizations or trying its defaults for a few simple tasks per week,” Van Bruggen said.
Meanwhile, new team members can avoid waiting for company hardware by signing in from their personal computer, diving into using the team’s spaces as the only dev environments they’ll ever need for work.”
The timeline to migrate can be compressed by automating environment configuration via configuration-as-code. Transitioning is further simplified by leveraging pre-configured images.
Reducing the Need for Multiple Environments
One potential benefit of a move to Spaces is eliminating the complexity of maintaining multiple development environments on the same physical machine.
“Many developers work on multiple projects/sub-projects with different environment requirements, so it’s currently on those individuals to enforce local separation between those project environments,” Van Bruggen said.
“However, it’s difficult to prevent system-level dependencies from bleeding across those artificial boundaries without manually containerizing, switching user accounts, or switching laptops altogether.”
Spaces addresses this challenge by containerizing individual projects and reduces the need to figure out whether something works on the local machine or not. This cuts down on the debugging of hardware and operating systems that often comes with configuring an environment for a specific project.
Itopia estimates that roughly half of all maintenance labor and virtually all onboarding labor associated with ramping on a new project is eliminated through the use of Spaces.
Launch customers include Neustar and 8base. “We have software developers around the globe,” noted Albert Santalo, founder and CEO of 8base, about itopia Spaces. “Improving their productivity while protecting the security of our codebase in today’s hybrid work environment is crucial to us.
“Itopia helps us ship products faster and more securely, without disrupting our existing developer workflows.”
Spaces is hosted in Google Cloud on dedicated Google Kubernetes Engine (GKE) clusters. If this approach to development environments seems interesting to you, itopia Spaces is available as a 14-day trial via itopiaspaces.com or on the Google Cloud Marketplace.