Take Control of Secrets in Your DevOps Environment

DevOps has emerged as a key practice to maintain speed and innovation where technology and software development drive business. Now, at least half of IT organizations are using DevOps, accelerating their ability to release new code to accommodate ever more competitive market demands.

To further accelerate the process, DevOps is moving toward Continuous Integration (CI) and Continuous Delivery (CD). CI is a software engineering practice in which frequent, isolated changes are immediately tested and reported on when they are added to a larger code base. CD is a software release approach in which development teams produce and test code in short cycles, usually with a high degree of automation.

The aim is to improve speed while simultaneously reducing the chances of defects and conflicts during project integration. IT organizations can spin up hundreds or even thousands of servers, containers, and applications across their test, development, and production environments. All these assets can be decommissioned just as fast. Integrating CI and CD results in faster builds, which produces quicker delivery to market.

Let’s consider an example of the scale and complexity of DevOps in use today:

A large financial institution has a website for their millions of customers to access their accounts and do business—including changing information, opting in and out of services, transferring assets between internal and external accounts, and more.

Every login and operation triggers multiple microservices across an on-premises data center and multiple cloud infrastructures. Every microservice requires authentication to work with the primary application and needs to do so virtually as fast as the end user can click buttons on the website.

The financial institution desires CI/CD operations to enable almost continuous updates to their services. To do this, they require staging, development and test environments before deploying to a new production environment. This also implies two production environments—the current one and the new one.

The update would be the flip of a switch from the current one to the new one. Now all the related servers, VMs, operating systems, containers, and networking equipment need to be configured and microservices deployed on the four different instances, and all of them need their own credentials. There must also be integration with the variety of DevOps tools they use, such as orchestration (e.g. Jenkins) and configuration (e.g. Puppet, Chef), and those tools all need rapid access to credentials as the various environments are deployed.

The efficiencies gained from these processes have accelerated their adoption, and cloud services have augmented the speed and scale of DevOps pipelines. But the rapid, iterative DevOps workflow can expose many security vulnerabilities directly tied to privilege management. Every container, server, and application can have privileged access, dramatically expanding the attack surface for intruders looking for an entry point.

We’ve heard from our customers that they’ve seen significant gains in speed, responsiveness and innovation in their technology pipelines using DevOps. They’re seeing an explosion of tools to help manage their DevOps processes and flows. And they recognize the need for speed in managing privileged accounts across the entire technology stack.

But how do you manage privileged accounts effectively in a DevOps environment? Many organizations are implementing a least privilege approach across all endpoints to harden their attack surface, and DevOps environments must be included in this approach. They recognize the risk of having secrets in config files and credentials embedded in code, or worse, secrets stored in spreadsheets. These practices create inefficiency and security risks.

Our customers have asked us for a vault that’s capable of managing secrets at the speed and scale DevOps environments require. Thycotic’s new DevOps Secrets Vault is a cloud-based and platform-agnostic solution designed for automating secrets management to provide DevOps teams the speed and agility needed to stay competitive without sacrificing security.

DevOps Secrets Vault delivers ease of use and reduced overhead with Secrets Management as a Service. It protects the secrets DevOps teams need to access applications, services, and IT resources with these key features:

  • Command-line interface
  • API access
  • Platform-agnostic solution
  • High-speed secrets access
  • Plug-ins for DevOps Tools

DevOps Secrets Vault can help organizations enable greater agility, ease of use, and reduced overhead. It also allows IT to de-risk operations within dynamic, elastic environments and maximize productivity of development, security and operations teams.

Learn more about this new solution and try it free:

DevOps Secrets Vault Free

Get started with the free edition and protect up to 250 secrets.



*** This is a Security Bloggers Network syndicated blog from Thycotic authored by Erin Duncan. Read the original post at: http://feedproxy.google.com/~r/Thycotic/~3/FbHmrpmF3us/