Machine identities are the digital certificates and cryptographic keys that machines use to authenticate each other and encrypt communications. As such, machine identities are moving to the forefront of cybersecurity thinking. As an auditor, you’re now expected to help your organization discover where these keys and certificates are used, validate their configuration and recommend a remediation plan that updates and strengthens the use of machine identities.
Unfortunately, machine identities are not highly visible in most organizations. Worse, they are rarely understood beyond a handful of PKI or security experts. So, as an auditor, how do you get your hands around a huge and effectively invisible problem?
Recent headline-making exploits have highlighted the importance of auditing and bolstering machine identities. For example, the Equifax breach went undetected within the network for 76 days because an expired digital certificate blinded a network traffic inspection device to encrypted traffic that was hiding the attackers. With machine identities ensuring the integrity of defensive tools, this kind of defense-in-depth oversight has now become critical.
You may find that it’s increasingly difficult to audit the high numbers of certificates and keys used by the average Global 5000 organization. When creating an inventory, many of these organizations discover over 57,000 “unknown” keys and certificates. That’s more than three times the number of unknown keys and certificates they discovered two years ago.
From this comprehensive understanding, you can begin to draw a picture of the “elephant” that is your machine identity risk posture.
Internal and external auditors need specialized tools to probe for weaknesses and to report on the state of cyber defenses. Your tools should provide you with visibility, intelligence, and automation.