In today's technological age, Development and Operations (DevOps) capabilities are essential to ensuring that an organisation achieves high productivity. Indeed, the skill set of a typical system administrator has now evolved to the point where it is now necessary to automate administrative tasks.
Nevertheless, implementing DevOps practices could also introduce vulnerabilities and jeopardise data or credential integrity. This is according to a Wallix whitepaper, which subsequently highlighted the urgent need to secure DevOps activities.
DevOps in the enterprise
Digital transformation has catalysed a wealth of new business models, making "box on the shelf" software redundant. Today, users buy licenses and connect to a service platform through a web browser or through an app.
As a result, companies no longer develop online services but also host, administrate and scale them for a wider audience. In turn, it is now necessary to develop effective software, manage hardware, and ensure the continued availability of services.
In effect, enterprises now need to have both development and operational skills. Automation is also a key element of DevOps, as it enables businesses to scale and administrate complex infrastructure which requires some important but repetitive and basic tasks.
The need for secure DevOps
As it is a vital element of a company's task force, DevOps must have access to critical infrastructure and data. It is thus not viable to limit or regulate their activity as this undoubtedly leads to reduced efficiency and productivity.
Rather, it is necessary to provide DevOps with an environment that is secure by design. According to the whitepaper, the first step is to establish a perimetric protection, which concerns internal systems as well as external hosting.
Although perimetric protection is undoubtedly a step in the right direction, it is not entirely sufficient. Instead, an enterprise's ecosystem now requires an appropriate set of tools that incorporates security, without neglecting efficiency.
Recommendations
In order to secure DevOps, Wallix recommends following a number of best practices. For example, it is critical to establish "not only what actions can be performed on which resource, but also to outline the interconnection between resources, how data is stored, and how it is secured."
Next, privacy by design is critical so that DevOps can seamlessly integrate full data protection. Security by design is also necessary, which a simple and transparent solution such as Privileged Access Management (PAM), ensures.
Finally, enterprises must address hard-coded passwords and password protection tools should be easy to use. In order to achieve this, Application-to-Application Password Management, which consists of a local safe storing the requested password, can be synchronised with a Privileged Access Management vault.
Looking to unravel your preconceptions surrounding DevOps? Listen to our podcast with industry analysts on Demystifying DevOps
