Skip to main content
banner image
venafi logo

Why It’s Hard to Become a Digital Company without Machine Identity Management: The Cherries and Cake Dilemma

Why It’s Hard to Become a Digital Company without Machine Identity Management: The Cherries and Cake Dilemma

cake with a cherry on top
July 29, 2019 | Stephane Dorchin


“We’re a digital company or we want to become one in the next few years”.

 

How many times have we heard this? In all honesty, every time I meet with a company, I more or less hear this same message.

 

I’m very pleased to hear (and proud) that France and the European Community are working hard to become digital like the US, and we are bridging this gap very quickly.

 

But what is the price of this and for our cyber security strategy and  teams?  

As I mentioned in my last post, the US has had almost 2 decades to build their digital economy and adjust their levels of defense in this area. In Europe we want to do this in a maximum of 5 years, focusing on the need to become competitive in the digital world whilst forgetting we’re also becoming more vulnerable at the same time.

 

And yes, Europe is more vulnerable than the US. You can always find companies or people very well prepared and protected against cybercriminals, however

 

"the vast majority of European companies and citizens are not well prepared to live in this digital world."

 

Let’s talk about the businesses where we work.

 

What a wonderful world it is now! We have desktops, laptops, tablets, smartphones, apps, code, services, datacenters, the cloud, the internet—and a lot of connected objects. All are just machines, created or built to serve us; to accelerate the digital transformation of our economy and of our companies.

 


 

Machines Drive the Most Change - Are Least Understood

 

Machines are responsible for the main changes in our world, but they are also more complex, more numerous, more powerful, more critical but also less understood, less managed and less visible.

 

Are they invisible? Hopefully not.

 

We need to decide whether we to let them proliferate without controlling who they are. But we also should know if these machines are still the same as when we allowed them access to our network, to manage our data, to transfer our money all to another machine.

 

A little voice in my head says,”Hold on Stephane please, we have cyber security teams., Our companies already spend money to defend our business, our data and our customers.’’

 

Yes, we are spending money but not in the area of managing machine identities. When I speak to cyber security professionals, they all talk about how to protect human digital identities, but a very small minority talk about how to govern and control machine identities.

 

Yes, wake up guys! We built the digital world and we made the rules. And one of these rules is simple: to access the digital world you have to be identified and recognized as a trusted person … or as a trusted machine.

 

“Oops … what do you mean Stephane that machines also need to be identified? “

 

Machines Identities Are at Greater Risk of Getting Hacked than Human Identities

 

Don’t be naïve, machines are connected to our network and they have the same chance to be hacked as a human, more chance I would say.  A machine is silent, a machine is dumb, a machine will never complain; not alerting us if something goes wrong with its identity. It’s time to stop playing with the machines in a digital world.

 

The upside is that more and more companies are becoming aware of this issue and want to take control back. The downside is that machines are far more numerous and diverse than humans, and almost no-one knows where to start or everybody wants to start from a different point.

 

This is where the cherries on the cake analogy starts to play out.

 

Many companies are focusing on the cherries, or the topping for the cake. In machine identity terms, we would refer to this as governance and automation. This is understandable—automation is mandatory to eliminate outages, to reduce the burden on the operational teams who manage the certificates on a day-to-day basis and to help these teams become more agile and reactive. Likewise, governance is required to define the rules and roadmaps.

 

Cake before the Cherries: Find all of your machine identities [then protect them]

 

But what is the cake? Before I answer that, let me ask what do you want to govern and what do you want to automate? If you don’t have visibility into your machines, you will not able to govern or automate them. Or you will do so badly, or only partially, and you will end up wasting money. So visibility is your cake.

 

In my next blog, I’ll discuss why all companies or cyber security teams accept that visibility is key to solving the challenge of managing and protecting machine identities.

 

 

Related posts

 

 

Like this blog? We think you will love this.
image representing big data
Featured Blog

Was ist homomorphe Verschlüsselung, und wie wird sie verwendet?

Was ist homomorphe Verschlüsselung? Zweck der

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies
eBook

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Stephane Dorchin
Stephane Dorchin

Stephane is the Southern European Director for Venafi and has over 20 years of experience in the cybersecurity industry. His career has included key player roles at Nasdaq BWise, Iron Mountain Digital and Symantec.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more