The 2021 State of Infrastructure Access and Security Report reveals major complexity and security challenges in hybrid infrastructure environments
Teleport, the Access Plane company released the results of its inaugural State of Infrastructure Access and Security Report. The report is based on a survey of 1000 IT, DevOps and Security professionals conducted by Schlesinger Group, an independent research company. The survey seeks to better understand how enterprises are dealing with massive increases in complexity in the age of digital transformations, cloud-native and hybrid IT environments, increased remote work, and the dissolution of the network perimeter.
Key findings include:
Great Resignation breeds infrastructure access concerns
Concerns over workers leaving the labor force or looking for new positions has led to heightened concerns around infrastructure access and overall security for enterprise organizations. As organizations grapple with the Great Resignation and the impact it has on business continuity and success, more than half (58%) of IT, DevOps and Security professionals surveyed are “concerned” or “very concerned” about ex-employees leaving with secrets and/or knowledge into how their organization accesses infrastructure. Notably, more than 25% of respondents state they are very concerned, and 83% could not guarantee that ex-employees can no longer access their infrastructure.
Top iTechnology Datacentre News: Vertiv Partners with Tech Consortium to Lead Low-Carbon Fuel Cell Development for Data Centres
IT stack complexity requires fine-grained infrastructure access protocols
The survey revealed the complexity of the modern infrastructure environment. Today, 60% of organizations are running applications in containers, Kubernetes and virtual machines. 61% of organizations use more than three or more different types of databases, and 15% are using six or more. 94% of organizations run the Windows operating systems for servers, and 43% also run Linux. In addition to complexity of infrastructure, nearly half of organizations must adhere to three or more compliance standards such as SOC2, PCI, HIPAA, and FedRAMP. This complexity is quickly maxing out organizations’ ability to monitor and manage their infrastructure effectively. As a result, during an outage or other crises, 61% of organizations have experienced an instance where an expert engineer has been unable to contribute to the resolution of an issue due to infrastructure access issues.
Moving towards new forms of infrastructure access methods is mission critical
Due to the concerns about ex-employees accessing infrastructure and the complex environment in which modern applications run, 86% of those surveyed expect their budget for infrastructure access technologies to increase in the next 12 months, with more than one-third expecting this to be a big increase in 2022. Companies are looking to improve their security posture with modern access methods. For example, organizations ranked moving to the following access methods as important or very important: Just-in-time access (89%), Zero-trust architectures (86%), Passwordless access (77%). Identity-based certificates were also seen as a security advancement. When asked why they have implemented identity-based certificates, 44% cite greater security than other types of credentials as the top reason; 34% cite greater functionality.
Top iTechnology Networking News: Cloud4C Expands Its Managed Cloud Services with Highly Secure SD-WAN Solution
Securing infrastructure and managing access is a shared responsibility
When asked which roles are responsible for securing infrastructure and managing access, more than half (54%) said responsibility lies with three or more departments, while 11% indicated that five or more departments are responsible for infrastructure and access in their organizations. When asked who is most responsible, there is less clarity in the responses with less than half saying Security roles are most responsible and only one-third saying DevOps or Engineering teams.
Developer productivity a key factor when considering implementing access controls
With enterprise developer teams running applications in an ever-growing number of environments, each adding their own level of complexity, developer productivity is top of mind for IT, DevOps and Security decision makers. In fact, the survey found that 84% respondents view developer productivity as a “big” or “major” factor when implementing access controls. Of note, nearly half of the survey’s respondents stated their organization has implemented new security measures that failed to be adopted by employees, which shows that employees will resort to workarounds and backdoors when met with overly complex access requirements.
In conjunction with the release of the 2021 State of Infrastructure Access and Security Report, today Teleport also announced the availability of Teleport 8, the latest edition of the open-source Teleport Access Plane, which extends the product’s identity-based, passwordless access to Windows Desktop and Windows Server users in cloud, on-premises and edge computing environments.
Top iTechnology IT and DevOps News: Teleport Announces Latest Version of Teleport Access Plane
[To share your insights with us, please write to sghosh@martechseries.com]
