The Home of the Security Bloggers Network
Home » Security Boulevard (Original) »
Teleport today announced that the open source Teleport Access Plane it created to provide IT teams with identity-based access to IT infrastructure is now available for both Windows Desktop and Windows Server.
The Teleport Access Plane was previously only available on Linux. Teleport has gained traction as a security gateway that comes in the form of a single binary that acts as a proxy for remotely accessing IT infrastructure.
Teleport CEO Ev Kontsevoy said with added support for Windows platforms, an IT organization will be able to standardize on a gateway and eliminate the need for internal IT teams to have individual passwords for every IT platform they access whether on-premises or in the cloud.
That identity-based approach also allows IT teams to ensure that no former employees can access IT infrastructure once they leave the organization. A survey of 1,000 IT and security professionals published today by Teleport finds 83% of respondents said they cannot guarantee that ex-employees can no longer access their infrastructure.
Well over half (59%) of IT, DevOps and security professional respondents said they are “concerned” or “very concerned” about ex-employees leaving with secrets and/or knowledge about how their organization accesses infrastructure. More than half of respondents (53%) also said their organization implemented new security methods that employees failed to adopt.
The survey also noted that managing access is now more challenging than ever. Three in five organizations are running applications in virtual machines, containers and Kubernetes, while 61% currently employ three or more databases. A full 61% of respondents said their organization experienced a time when an engineer has been unable to contribute to the resolution of an issue because of access issues.
More challenging still, the survey also found nearly half (46%) of organizations must adhere to three or more compliance mandates.
Overall, 95% of survey respondents somewhat or strongly agree that greater visibility is critical to their business’s success, with 86% expecting their budget for infrastructure access technologies to increase in the next 12 months.
A major driver of that spending is the emphasis being placed on zero-trust IT architectures in the wake of a series of high-profile cybersecurity breaches. A full 86% of survey respondents said moving toward a zero-trust architecture is important or very important for their organization. More than three-quarters said moving toward passwordless infrastructure as important or very important for their organization.
A full 70% said they still use passwords to grant infrastructure access, with over half (53%) using virtual private networks (VPNs). Just under a third (32%) said they currently rely on short-lived identity-based certificates to grant infrastructure access. However, in all those cases—and in the absence of a security gateway—it’s relatively trivial for a malicious actor to escalate their privileges once they compromise a credential.
The obstacles to achieving those security and access goals are as much cultural as they are technical. More than half of respondents (54%) said three or more departments are responsible for infrastructure access in their organization, with security (40%) and DevOps and engineering teams (33%) the departments most commonly involved. In total, 84% of respondents view developer productivity as a “big” or “major” factor when implementing infrastructure access is considered. In the age of the Great Resignation, Kontsevoy said it’s critical for organizations to remove as much friction as possible from IT processes to help keep staff turnover to an absolute minimum.
Finally, 89% of respondents noted they view moving toward just-in-time access to infrastructure as important or very important for their organization.
As organizations review their software supply chains, it’s only a matter of time before the ways in which access to IT infrastructure is granted falls under greater scrutiny. The days when IT organizations could rely on easily-compromised passwords is coming to an end. The issue now is how quickly a transition to a more secure identity-based approach to security can be made across the entire enterprise.
Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
mike-vizard has 354 posts and counting.See all posts by mike-vizard
The Home of the Security Bloggers Network