According to Forrester Research, at least half of IT organizations are currently using DevOps to increase the speed and efficiency of application development and deployment. Due to the dynamic nature of DevOps, privileged account credentials, encryption keys, and other “secrets” are rapidly proliferating throughout the IT infrastructure. Many of these secrets are stored in code repositories and cloud environments and shared by machines via containers and microservices. These machine identities create a significant cybersecurity threat if they are not managed and secured like other privileged credentials.
However, CyberArk’s Advanced Threat Landscape 2018 report found that fewer than 25 percent of organizations have a plan for incorporating privileged account security into their DevOps initiatives. The lack of a DevOps security strategy extends to the cloud, as well. Almost three-fourths (74 percent) of the DevOps and security professionals surveyed by CyberArk said they rely on their cloud vendor’s built-in security. That means privileged account security is not fully integrated into DevOps processes when spinning up new environments.
Many DevOps teams are aware of the need to improve security, and some are taking matters into their own hands. More than a third (37 percent) of survey respondents said that compromised DevOps tools and environments are among their organizations’ greatest vulnerabilities. Nearly a quarter (22 percent) have built their own security solutions to protect and manage secrets for DevOps projects.
While homegrown solutions can help, they typically aren’t scalable and often overlook some of the sources of privileged account credentials. They can also create bottlenecks in IT operational processes, impeding the speed and agility of the DevOps pipeline.
At Clango, we’ve developed a consulting practice dedicated to helping organizations take full advantage of CyberArk’s privileged account management (PAM) solutions. Our CyberArk-certified engineers have helped a number of customers implement Conjur, an automated solution that brings PAM best practices to DevOps and cloud-native environments.
Conjur is the industry’s only enterprise-class solution for privileged account security and secrets management on premises, in the cloud, and across the DevOps pipeline. With Conjur, CyberArk customers can truly embrace DevOps without compromising cybersecurity.
Conjur works with the CyberArk vault to secure DevOps secrets and captures all operations and events in tamper-proof audit records. It also integrates with leading DevOps tools and platforms, including Puppet, Chef, and Ansible, and was designed specifically for containerized environments. Built on a distributed, highly available architecture, it provides the resilience, scalability, and performance that organizations need to secure growing DevOps environments.
Clango’s team of CyberArk experts can help organizations add Conjur to their CyberArk implementation and integrate it with the CyberArk vault. Our software developers can also extend Conjur to DevOps platforms and toolsets to streamline workflows and operational processes.
While empowering organizations with greater efficiency and speed, the DevOps process dramatically expands the attack surface across the enterprise. Organizations need a solution that works within the DevOps framework to provide security and control. With Conjur, organizations can securely accelerate modern software deployment through comprehensive privileged account management and secrets protection.
For more information about INSERT, please send us an email at (firstname.lastname@example.org).