Developers pose a unique cybersecurity risk for enterprises. Their need to install and test software and have full internet access exposes organizations to a range of attack vectors. Although organizations use a variety of technologies to mitigate these risks, most of them are inadequate. Many IT leaders are now turning to isolation approaches to provide the heightened security developers need, without impeding their productivity.
Why Developers Are Risky
Developers are typically granted local administrator rights to be able to install dev-related applications, packages, extensions, drivers, etc. Malware that infiltrates their machines usually runs with local administrator rights and can modify settings, harvest additional user credentials and have full network access.
In addition, developers require full access to the internet to download code samples, third party source code packages and libraries, new tools, etc. As the development tool stack rapidly changes, these internet resources cannot be easily whitelisted and often do not work well with web proxies. This full internet access increases the chances of downloading malware, which would probably be able to access its…
