Skip to main content
banner image
venafi logo

How DevOps May Actually Improve Machine Identity Protection

How DevOps May Actually Improve Machine Identity Protection

DevOps Machine Identity Protection Worker
July 22, 2019 | Martin Thorpe

DevOps is challenging many of our old assumptions about IT and application development. It’s one of the key contributors to driving the digital transformation from manual to automated systems across the enterprise. And machine identity protection is no exception.

Traditional certificate acquisition and provisioning could take hours, or even days. But DevOps teams are moving too quickly to stop and wait for these manual processes. They require machine identities to secure containers and microservices on the fly. In fact, DevOps is inspiring many organizations to think about how they can bring their machine identity protection into line with the dynamic nature of the new Fast IT. So they’re asking, "Okay, how do we change our processes to allow this to happen?"






 

To give you a concrete example of the status quo, if you want a certificate within a large organization, you need to have a team that is responsible for the certificate. Plus, you need to have requesters within that team, and you also need approvers within that team. If you are a requester, you can't also be an approver, because then you could request and approve your own certificate, and we can't have that because regulatory bodies will not let you do that

And you can't have only one person within the team, because if that person is off, then the certificate might not get approved when it needs to be approved. So, you need at least two requesters and you need at least two approvers. That means you need to have at least four people before you can have a certificate. Because that's the way the systems have always worked.
 


Not only are these traditional processes slow, but they don’t scale well to meet the increasing demand for machine identities. The work that PKI teams are doing with approvals is significantly greater now than it was when they started. And it’s all been a manual process. Not only do they need to manage the requesting and approving of certificates from a financial point of view, they need the crypto team to review the requests to make sure they’re in line with security policies.

It’s a lot of work to verify that departments or business units are requesting the right sort of certificates for the right sort of purposes. That alone is almost one person's full-time job. But now, with advances in machine identity protection, much of that can be automated. And organizations want to automate that.

Following the example of DevOps, PKI teams are thinking about how they can move away from spreadsheets onto automated protection. In fact, many have been thinking about increasing automation and have been wanting to do it for a number of years. After all, there is only so much you can do without radically increasing staffing, not to mention overtime.
 


So, I see the dynamism of DevOps having ripple effects throughout the security infrastructure. Certainly DevOps is driving a paradigm shift, or mindset change, by challenging many traditional assumptions.DevOps inspires a mentality where everything is dynamic. And because you know it's all dynamic, you know what's changing, and it's lots of little changes. That's very much what DevOps and agile are all about. But getting that into everybody's mindset is not easy.

Venafi helps organizations support this vision with dynamic machine identity protection that automates the entire certificate life cycle. This type of automation speeds acquisition and ensures compliance with enterprise security policies.

Are you ready to embrace the DevOps spirit by automating your machine identity protection?
 

 

 

Related posts

Like this blog? We think you will love this.
evolution of DevOps security
Featured Blog

The Evolution of DevSecOps [Interview with Marc Cluet]

Helen: What was it that made you start organizing DevSecOpsDays in London?

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

CIO Study: Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

Machine Identity Protection for Dummies
eBook

Machine Identity Protection for Dummies

About the author

Martin Thorpe
Martin Thorpe
Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat