A new study by the Ponemon Institute finds that organizations are struggling to manage their multi-cloud and hybrid cloud environments. Seventy percent of respondents say they have little to no visibility into the ownership or purpose of many of the virtual machines in the cloud, while 68 percent say they lack a single user interface into the entire cloud environment. Furthermore, 67 percent say they are ineffective at managing cloud risks, and 58 percent say they are ineffective at managing cloud costs.
Organizations believe that DevOps can help improve cloud management. DevOps is the general term for practices and tools that better integrate software development and IT operations to increase agility and shorten the system development life cycle. Respondents to the Ponemon survey believe that DevOps could improve their ability to complete projects on time (61 percent) and within budget (60 percent) and maintain service quality (69 percent).
However, a substantial gap exists between the value of DevOps and the ability of organizations to achieve DevOps capabilities. While 74 percent of survey respondents said that DevOps capabilities are important or essential, 67 percent rated their ability to deliver DevOps capabilities as low or very low.
Many IT managers will tell you that getting to DevOps is hard. Partly, this is due to cultural change; it’s difficult to get everyone on board for an entirely new approach to the development and delivery of IT services. In addition, once implemented, DevOps can be difficult to maintain and scale as organizational requirements change.
Security can also be a stumbling block. DevOps teams may overlook or resist security measures in their quest for greater speed. The notion that security slows down DevOps processes often results in hardcoded passwords, misconfigurations, and other vulnerabilities that put organizations at risk.
Clango and CyberArk can help facilitate the transition to DevOps while maintaining strong security. CyberArk’s Enterprise Password Vault provides centralized storage and security of privileged account credentials, SSH keys, and other DevOps “secrets” and enables automatic rotation of these credentials according to organizational policies. The vault also enforces role-based access controls, requires administrators to “check out” credentials, and maintains an audit trail of privileged access.
CyberArk’s Application Identity Manager helps eliminate the need to hardcode credentials in software. Applications use an API call to request credentials from the Enterprise Password Vault and are authenticated based on path, hash, and other characteristics.
Clango’s Confide solution helps prevent these security measures from hindering IT operations. The Confide desktop and mobile apps enable administrators to create lists of systems and check out all of the associated credentials at once. This eliminates the time-consuming process of manually searching through the vault to find the passwords needed to perform routine maintenance tasks.
Confide streamlines access to privileged credentials so administrators won’t be tempted to skirt security policies with password retrieval workarounds. The Confide mobile app can even be integrated with the Touch ID feature on smartphones for greater security and convenience.
Organizations view DevOps as the key to effectively managing hybrid cloud and multi-cloud environments. CyberArk helps maximize the security of the DevOps environment, and Clango’s Confide makes it fast and easy for IT operators, administrators, and developers to access the privileged credentials they need.
For more information about Confide, please send us an email at (firstname.lastname@example.org).