Surprisingly, one of the major threats to the security of enterprise IT and cloud computing is insiders. From employees to bad actors with administrative credentials, insiders are dangerous because of the broad systems access they require to do their jobs. Insiders have the ability to misuse or abuse their authorized access to data, networks, and applications to steal or damage data, algorithms, and other sensitive information.
Enterprises everywhere are looking to solve this problem. Secure enclaves establish a more secure, comprehensive approach to protecting data, applications, and storage from insiders and third parties wherever they’re executed and stored—on-premises, and in both private and public clouds.
A secure enclave provides CPU hardware-level isolation and memory encryption on every server, by isolating application code and data from anyone with privileges and encrypting its memory. With additional software, secure enclaves extend that protection to both storage and network data for simple full-stack security. Secure enclave hardware support is built into all new CPUs from Intel and AMD and is available on AWS, Microsoft Azure. and other cloud services.
This leaves organizations with a fundamental challenge. How to make data available where appropriate, but ensure it is unavailable to insiders?
Solving one security challenge creates another. How do you effectively manage the machine identities—digital certificates and cryptographic keys—needed for encryption? Anjuna Security, secure enclaves experts, have joined the Machine Identity Management Development Fund to ensure machine identities are fully protected in the process. In this continuing interview series with developers, I have the pleasure of speaking with Ayal Yogev, CEO at Anjuna.
Bridget: Please start by telling me about Anjuna Security.
Ayal: My cofounder Yan Michaelevsky and I started Anjuna because we saw a big problem in the military and commercial world. Yan and I served together in the Israeli military and saw situations where data in insecure locations needed to be protected. Later, I saw a similar issue when I ran product development for OpenDNS (acquired by Cisco), where there were vulnerabilities in the ways keys were protected. This issue was already being addressed in academia. Yan worked on related cryptographic issues while getting his Ph.D. at Stanford with Dan Boneh, a leading academic cryptology researcher.
Anjuna Enterprise Enclaves software provides simple, secure enterprise-class application and data protection, virtually invulnerable to malicious software, IT insiders, and bad actors. This enables IT to safely run workloads within the isolated and encrypted confines of a secure enclave anywhere, and “as is” without recoding or modifying the application’s host, VM or container.
Enclaves probably deserve an explanation. Put simply, they are a private region of a host’s memory whose contents are protected—unable to be either read or saved by any process outside the enclave itself. Enclaves ensure that any data or applications running within its perimeter are encrypted and unaddressable, even when the host is compromised physically or by malicious software. Enclaves are enabled by secure proprietary instruction sets built into leading CPUs and clouds. Anjuna makes it simple to deploy applications into the secure confines of a secure enclave and extend protection to storage and network communication.
Bridget: How are secure enclaves changing the machine identity challenge for InfoSec and DevOps teams?
Ayal: When security teams need to protect machine identities in cloud and DevOps pipelines, they often consider hardware security modules (HSMs). However, HSMs were developed for fixed data center architectures. Unfortunately, new cloud-based HSM services continue to have these limitations and only move the point of inflexibility to the cloud.
Anjuna solves this problem for DevOps, cloud, and security teams by leveraging local processor security features, including a root of trust, to secure the software and networks that distribute certificates.
By securing the individual application in a trusted execution environment, security architects can rethink and re-architect how they deploy sensitive applications such as secrets and key management. You no longer need to worry about burdensome host access controls, and you can also reduce inflexible security zones. Data and applications are secured by default and inaccessible to anyone or any process.
Without any code or DevOps process changes, Anjuna enables existing applications to enjoy runtime security that avoids the possibility of compromising data in use, at rest, and in motion. Using trusted execution environments supported by Intel® SGX, AMD SEV, AWS Nitro, and other solutions, Anjuna assures the workload integrity through remote attestation, so that your sensitive application runs only in the designated target environment.
Bridget: How can Venafi customers take advantage of this approach?
Ayal: With sponsorship from the Machine Identity Management Development Fund, we are enabling Venafi customers to protect machine identities without the limitations of traditional HSMs. We have created the configuration, documentation, and required scripts for Venafi Platform agentless provisioning TLS machine identities for Apache and NGINX. We are also delivering the configuration, documentation, and required code for operating Venafi VCert with Anjuna. These will be published to the Anjuna-security GitHub under the Apache 2 license and will be simple to deploy.
The Anjuna Enterprise Enclave integration is targeted for availability in Q4 2020. You can learn more from the Venafi Marketplace. And stay tuned for future interviews with Machine Identity Management Development Fund recipients.
This blog features solutions from the ever-growing Venafi Ecosystem, where industry leaders are building and collaborating to protect more machine identities across organizations like yours. Learn more about how the Venafi Technology Network is evolving above and beyond just technical integrations.