GovLoop

Embracing Machine Identity Management


One of the advantages of modern IT services is that they leverage both physical machines (computers and other devices) and virtual machines (e.g., applications, containers and code) to exchange data and execute tasks without human intervention.

That makes it possible to design services that are fast, flexible and reliable. But it also raises an important security question: How do you know whether those machines can be trusted?

That’s a question of identity management. Just as humans use passwords, Personal Identity Verification and Common Access Cards to identify themselves, machines use cryptographic keys and digital certificates to identify themselves during a transaction. Just like passwords, those machine identities can be compromised or left to expire. Agencies need to put in place policies, processes and technology to manage that risk.

“In this digital transformation era where machines create machines, an automated machine identity management program is critical to the delivery, availability and efficiency of any DevSecOps team,” said Eddie Glenn, Senior Product Marketing Manager at Venafi, which provides solutions for protecting machine identities.

Three Areas of Risk

Glenn highlighted four key risks associated with machine identities:

The Key Piece: Automation

As agencies look to accelerate application delivery, these security and operational challenges increase. DevSecOps—the integration of the development, security and operations teams—is essential. But the DevSecOps team will struggle to keep up with the mounting number of machine identities without the benefit of automation.

“As government adoption of DevOps increases, there are numerous lessons to take away in terms of automating legacy processes that have many slow and manual interventions detrimental to the success of DevSecOps,” Glenn said.

Glenn suggested agencies follow four best practices:

Venafi’s Trust Protection Platform helps federal agencies manage and secure their machine identities. Using the Venafi Platform, agencies can efficiently orchestrate the entire machine identity lifecycle, keeping communications between machines secure and private.

This article is an excerpt from GovLoop’s recent guide, “Agencies Build Foundation for DevSecOps Success.” Download the full guide here.
