It’s common knowledge that machines are far outpacing humans in terms of absolute numbers and in rates of increase. So, when it comes to security, it may not be entirely surprising that machines are doing a better job than humans. While humans rely on user names and passwords to safely interact with the network, machines rely on keys and certificates, or machine identities.
Which one tends to be more secure? (hint: machines don’t make mistakes!)
People are now starting to use the most secure method for their authentication (MFA)
Machines have been using their most secure method for years (x.509 and SSH)
Much like Europe beat the US to chip based bank cards with EMV chip technology, thanks to: Europay, MasterCard International, and Visa International working on it as early as 1993, machines have beat people using the strongest authentication! Yes, people are starting to more widely adopt 2-factor Authentication such as Google, Authy, and Duo Authentication. This is great news! But it’s kind of an old hat for machines.
Since machines have been using certificates and keys for years now, we are trusting them with more of our data and automated work. They are ready to take the next great leap ahead of us in volume. Usage and expansion of our machines is projected to be 25% next year. Not only do they have the jump on us in security, but they also are able to grow, expand, and do more work much faster than us. I don’t see our human numbers out pacing them anytime soon if ever.
If you can’t beat them, join them. Let’s help machines take their next great leap in facilitating their growth and let them do what they do best and work for us. One way that we can help them is to ensure that their methods for authenticating and encrypting our data are up-to-date and secure. Hackers are aware that we trust machines with our data and the tasks that they do for us in mass. Because of this, our beloved machines are being targeted by cyber criminals and used against us to create malicious encrypted tunnels into our networks.
But wait, aren’t machines using strong Public Key Infrastructure (PKI) keys and certificates to both identify themselves and to protect our data? Yes, of course they are. But there are lots of different systems out there and it’s inevitable that there will be flaws that are exposed over time. Would-be hackers are constantly on the hunt for an exposable bug—something that will let them compromise that machine identity to carry out their nefarious purposes. We must help machines protect their identities.
You can help maintain and facilitate their healthy secure growth by:
Stopping Outages. Certificate expiration results in application outages that spell communication death.
Increase Crypto-Agility. Choose who your machines can trust and prepare to react quickly when that trust is broken.
Prevent Breaches. Make sure that you control your machine identities and keep them up to date.
Secure Privileged SSH Access. Clean up your SSH house and limit accessibility to specific authorized personnel.
Ensure Compliance. Prove your machine identities are in order.
Improve Efficiencies. Scale at speed with machine identities. People can’t keep up, but automated systems can.
If you’re doing it right, your machines will be more secure than your humans. If not, you’d better contact Venafi!