Awareness is the initial step in addressing the problem, but firms can take further, more specific measures to resolve the machine-identity dilemma.
Managing machine identities can be as crucial as managing human identities, especially in a zero-trust environment. Machine identities represent a substantial and rapidly expanding portion of the enterprise’s threat surface. The number of equipment, including servers, devices, and services, is increasing rapidly, and measures to protect them are frequently insufficient. Cybercriminals and other threat actors have seized the opportunity. According to ‘The Top 8 Security and Risk Trends’ research by Gartner, over the past five years, cyberattacks and the misuse of machine identities, have risen. However, much as with human identities, machine identity can also be abused if it falls into the wrong hands.
Businesses frequently place an excessive amount of faith in the network machines. This allows them to connect to other networked resources without requiring human intervention or conventional authentication methods. Consequently, an attacker might traverse the network via these machine-to-machine paths if a machine is compromised. Fortunately, businesses are beginning to see the problem.
Awareness is the initial step in addressing the problem, but firms can take further, more specific measures to begin resolving the machine-identity dilemma. Here are a few examples.
Frequently change keys and certificates
When keys and certificates are static, they are susceptible to theft and re-use. The majority of credential stuffing attacks have switched from human usernames and passwords to API credentials, which are machine identity proxies. As API ecosystems experience rapid expansion, this issue will only become more complex. Inadequate management of machine identities might result in security flaws. In the worst-case scenario, attackers can simultaneously eradicate large parts of the IT ecosystem. Using a legitimate certificate and a known API call, an attacker can get access to process controls, transactions, or vital infrastructure with catastrophic implications.
To prevent this, businesses must implement stringent authorization of source machines, cloud connections, application servers, mobile devices, and API interactions. Importantly, trusted certificates should be periodically modified or updated. Changing credentials for every transaction can be challenging, but organizations will have a better and more secure environment by updating certificates frequently. Moreover, organizations must have systems to rapidly revoke certificates and keys when devices or processes are retired. Businesses must eliminate implicit trust from their computing infrastructure and replace it with real-time, adaptive trust.
Adopt solutions for machine-identity management
Identity and Access Management (IAM) technologies include machine-identity management. According to a Gartner report ‘Hype Cycle for Identity and Access Management Technologies’, two to five years remain before machine-identity control reaches its production plateau. Organizations are deploying or preparing to adopt automated machine-identity management workflows, machine-identity management as a service, or the capacity to manage certificate lifecycles on hybrid deployment models. However, few organizations have implemented modern machine-identity management in its entirety. In most organizations, machine identity ownership is implied rather than explicitly assigned. Consequently, many organizations adopt a siloed strategy for machine-identity management. Organizations can consider assigning the management of all machine IDs to the core, cross-functional groups.
Having automated workflows as part of their machine-identity management benefits businesses considerably. IT security decision-makers anticipate that automation will save costs, decrease the time required to manage keys and certificates, and simplify and streamline procedures. Automation is necessary and without it, digital transformation projects stagnate. Automation will also lessen the likelihood of human error, leading to security vulnerabilities.
Include machines in zero-trust plans
Zero trust is an essential, if not the most important, security requirement for businesses today. Zero trust is not limited to forcing users constantly to be completely authorized. It also applies to equipment and processes. Device identity management is essential in the more recent zero-trust security architecture. When an enterprise device is not granted a trust status on the network, it must have a method for identifying and authorizing interactions with other devices, services, or data.
For more such updates follow us on Google News ITsecuritywire News