SBN

ThycoticCentrify Report: 57% of Organizations Suffered Security Incidents Related to Exposed Secrets in DevOps

Survey commissioned from Forrester reveals that centralizing secrets and using consistent tools is the key to securing DevOps innovation 

Redwood City, Calif. and Washington, D.C. November 16, 2021 ThycoticCentrify, a leading provider of cloud identity security solutions formed by the merger of the privileged access management (PAM) leaders Thycotic and Centrify, today published a new survey report from Forrester that addresses the security innovation paradox in DevOps environments. While revealing that over half of organizations have experienced security incidents related to exposed secrets in the past two years, it also paints a troubling picture where only 5% say that most of their development teams use the same secrets management processes and tools.

The Forrester Opportunity Snapshot report, commissioned by ThycoticCentrify in Spring 2021, titled “Secure Innovation Requires Making DevOps Secrets Management Invisible,” surveyed 227 identity and access management (IAM) decision makers and 160 members of development teams in North America, EMEA, and APAC. While 68% of developers agree that management prioritizes security over release dates, 53% of IAM leaders claim developers lack the understanding or ability to implement proper security controls. The report also finds that while both IAM leaders and developers want to simplify access management, secure access controls are often too manual and full of friction, bottlenecking innovation.   

“The migration to cloud and the drive to microservice architectures require a shift to automated application delivery. These new application architectures must be designed with security in mind to ensure compliance and protect the integrity and reputation of the company,” said David McNeely, Chief Technology Officer at ThycoticCentrify. “Securing these new applications should be easy for developers, while simultaneously enabling the flexibility that operations teams need to respond to the demands of the business. This report provides encouraging validation that both security leaders and developers want to centralize and embed secrets management into the tools already in use in continuous integration, continuous deployment pipelines.”

The key to solving this challenge is to make secrets management invisible to developers and DevOps teams, who agree that doing so would improve their experience (63%) and productivity (69%). To accomplish this, 76% of IAM leaders are looking for purpose-built PAM for DevOps solutions that would help development and security teams work better together.

ThycoticCentrify’s PAM for DevOps secrets management solution, DevOps Secrets Vault, enables organizations to centrally manage, control, and audit secrets for automated processes that operate without human oversight. DevOps Secrets Vault improves productivity for both developers and security teams by reducing friction, embedding automated secure access controls into the DevOps process.

ThycoticCentrify recently introduced geolocation-based routing to ensure customers automatically route to the cloud service closest to their data centers to optimize performance and ensure active failover. The solution is continually improved for ease-of-use, now allowing non-DevOps users the ability to view and manage DevOps Secrets Vault via a user interface versus the Command Line Interface (CLI). 

To download a complimentary copy of the report, visit www.thycotic.com. To learn more about ThycoticCentrify’s PAM solutions for DevOps, visit https://thycotic.com/products/devops-secrets-vault-password-management/.  

About ThycoticCentrify

ThycoticCentrify is a leading cloud identity security vendor, enabling digital transformation at scale. ThycoticCentrify’s industry-leading privileged access management (PAM) solutions reduce risk, complexity, and cost while securing organizations’ data, devices, and code across cloud, on-premises, and hybrid environments. ThycoticCentrify is trusted by over 14,000 leading organizations around the globe including over half of the Fortune 100, and customers include the world’s largest financial institutions, intelligence agencies, and critical infrastructure companies.

© Thycotic Software, LLC and Centrify Corporation 2021. ®Centrify and ®Thycotic are registered trademarks of Centrify Corporation and Thycotic Software, LLC respectively. All other trademarks are property of their respective owners.

Contact
Brad Shewmake
ThycoticCentrify
[email protected] 
+1-408-625-4191

John Kreuzer
Lumina Communications
[email protected]
+1-408-963-6418

*** This is a Security Bloggers Network syndicated blog from Thycotic authored by Brad Shewmake. Read the original post at: https://thycotic.com/company/blog/2021/11/16/thycoticcentrify-report-57-of-organizations-suffered-security-incidents-related-to-exposed-secrets-in-devops/

Avatar photo

Brad Shewmake

Brad Shewmake is Director of Corporate Communications at Centrify Corporation and Chairman of Identity Management Day. He has over 20 years of experience leading communications programs at industry-leading enterprise software companies as well as global consumer technology leaders and startups.

brad-shewmake has 9 posts and counting.See all posts by brad-shewmake