Securing the Digital Transformation

By David Geer

DX Everywhere

If innovation were the Kentucky Derby, Digital Transformation (DX) would be out of the starting gate and galloping toward the first turn with an early lead by a length and a half!

DX is expanding across industries from healthcare and finance to technology and telecom, and the life sciences and retail. A recent IDC study confirmed that enterprises are making significant investments in technologies and services that enable the digital transformation of their business models, products and services, and organizations to the tune of $1.18 trillion in 2019, an increase of 18% over 2018.

As companies drive DX initiatives, their attack surfaces are sprawling amid an ever-increasing threat landscape. Containers and microservices alone are multiplying like rabbits. Each new container needs new connections and access credentials on arrival, and at a millisecond’s notice.

It’s unthinkable to set those credentials loose unprotected when 74% of breaches involved privileged credential abuse, as 1,000 IT decision-makers affirmed in Centrify’s recent Privileged Access Management (PAM) Survey.

Are organizations in the DX considering Privileged Access Management, Least Privilege Access, and a Zero Trust security approach as they connect cloud environments, mobile workers, developers, and containers one to another?

Digitization Transforms the Threat Landscape

The digital transformation means digitizing business processes by creating independent, modular microservices that you can unite to form new applications in the cloud. That’s an expanding attack surface on the cloud front, the developer front, and the container front as developers access and program microservices, which thrive in cloud-based container clusters.

In digital transformation efforts, companies kill and create millions of containers that need new credentials and connections every time they are reborn. If organizations can’t keep up by securing privileged credentials for every container, every time, then each one becomes a sign on the Internet, saying, “Hey, criminals, we’re open for business; come on in!”

Mobile workers depend on mobile devices for enhanced productivity. These devices connect to the cloud and the enterprise apps that you are transforming through increased automation and digitization, a significant threat vector for criminal hackers seeking access to the enterprise. Companies need to secure employees access no matter what the device with Just-Enough, Just-in-Time Privilege so they can complete their work with sensitive enterprise data. Add Adaptive Multi-factor Authentication (MFA), and businesses can dump criminal hackers posing as users when they don’t answer the authentication challenges.

While the cloud and cloud applications are critical to DX, they pose risks, as well. As the DX drives increasing cloud adoption, more third-party vendors and partners require access to enterprise apps and data in the cloud. With that access comes all the security risks of third-parties like the ones that allowed staggering blows against titans such as Target, Under Armour (the MyFitnessPal unit), and dozens of others. Every third-party needs Privileged Access credentials cradled in a Zero Trust model, given the risks and the record breach fallouts.

Companies need to manage privileged access for admin users, remote workers, outsourcing partners, services, and machines—anyone and anything that gets elevated privileges—in their expanding digital environments. Without centralized control of all of it through a single solution, how can organizations find transparency into the DX and assess and stabilize their security posture going forward?

Centrify Cloud-Ready Zero Trust Privilege for Every Credential in the DX

Applications, containers, mobile, clouds, and development environments form a complex arena where trying to manage credentials and keep each one secure is like a juggler racing to keep 100 plates spinning on sticks without losing a single one to a sudden crash on a hard floor.

Centrify Cloud-Ready Zero Trust Privilege protects the privileged credentials organizations need for Docker, CoreOS, and microservices with granular privilege management and Multi-factor Authentication (MFA). Zero Trust Privilege secures the cloud with privileged access control, MFA, and activity monitoring and reporting.

Centrify secures access to DevOps environments (e.g., DevOps tools, service accounts, cloud management console/CLI, containers, container hosts, and container management platforms) with controlled privileged access while auditing privileged activity, so you know who and what has touched your development pipeline.

Don’t ride the DX wave into the future on a ship with holes in its hull. Protect your organization with a Zero Trust approach to Privileged Access Management that can span across all modern attack surfaces: Centrify Cloud-Ready Zero Trust Privilege.