New release consolidates identity-based access and audit for engineers, infrastructure resources and code, dramatically improving supply chain security
Teleport, a leading provider of Identity-based Infrastructure Access Management, announced the availability of Teleport 9, the latest edition of the open-source Teleport Access Plane. This release introduces Teleport Machine ID, which delivers identity-based access and audit for infrastructure resources like servers and databases, CI/CD automation, service accounts and custom code in applications such as microservices. By consolidating identity-based credentials for engineers and the applications they write, Teleport closes the identity loophole that enables compromised infrastructure and code to be used in cyberattacks.
“Teleport gives identity-based access controls to developers and, now, also to the code they write,” said Ev Kontsevoy, co-founder and CEO, Teleport. “With Teleport 9, organizations can enforce the same consolidated identity-based access policies to machines as they use for developers, dramatically reducing overhead, improving security and easily meeting compliance requirements.”
With over 100 million physical servers, more than one billion virtual servers and an estimated 35 billion connected devices worldwide, malicious code has never had greater ability to mount an attack using an organization’s own computing infrastructure. To prevent this, it is essential that organizations configure zero-trust authentication and authorization for their infrastructure resources and developer-coded applications such as microservices, as well as for their engineers, granting only minimal, or in some cases zero, standing privileges. This eliminates the risk of stolen credentials and minimizes the blast radius of an application vulnerability. Additionally, defining access policy for both humans and applications in a single solution dramatically reduces operational overhead.
Current approaches to machine-to-machine access operate on outdated security principles like reliance on hard-coded shared credentials (e.g. passwords or API keys) and old-fashioned perimeter security, bypassing even basic security measures such as authentication and encryption inside the perimeter.
Machine ID solves these issues with a fully automated Certificate Authority (CA) designed to programmatically issue and renew short-lived certificates that give an identity to developer-coded applications. Along with the identity Teleport already provides for engineers, this creates a single source of truth for defining and enforcing access policy for valuable data. With a scalable approach to machine access, Teleport 9:
- Simplifies certificate management for IT infrastructure;
- Reduces the blast radius for supply chain attacks on infected or hacked services;
- Unifies access policy and access controls for both engineers and applications; and,
- Lowers operational overhead and increases security and compliance.
By providing a unified identity-based access solution for both engineers and machines, Teleport 9 empowers organizations to implement security best practices and meet compliance requirements. Through Teleport, the identities of all users, infrastructure resources and custom-coded applications are mapped to specific roles that authorize the resources they can access, with the boundaries that fit each role. The access events initiated by infrastructure resources and applications are logged, tracked and monitored using the same robust controls that Teleport provides for engineers.
“Cyberattacks are based on a human error for initial infiltration and an attempt to pivot to maximize the blast radius. That’s why adopting identity-based access is critical – it removes an attacker’s opportunity to pivot,” Kontsevoy added.
New Capabilities of Teleport Desktop Access
In addition to Machine ID, Teleport 9 brings a host of new features. Teleport Desktop Access, which provides access and audit capabilities for Windows Servers and Desktops, is now Generally Available and adds Windows session recordings, clipboard copy-and-paste, and multi-factor authentication.
Teleport Database Access Adds Support for Redis, MariaDB and Microsoft SQL Server
Additionally, Teleport Database Access has added support for Redis, MariaDB and Microsoft SQL Server, as well as auto-discovery for Amazon Redshift clusters so that new Redshift instances immediately join the Teleport cluster without manual registration. Teleport 9 also now supports Moderated Sessions in which multiple authorized individuals must be jointly connected to the same session in order to increase security and compliance in critical systems.