Removing the Complexity to Securely Access the Infrastructure
As the tech stack grows, the list of technologies that must be configured in cloud computing environments has grown exponentially, increasing the complexity of IT infrastructure. While every layer of the stack comes with its own implementation of encrypted connectivity, client authentication, authorization and audit, the challenge for developers and DevOps teams of properly setting up secure access to hardware and software throughout the organization will continue to grow, making IT environments increasingly vulnerable.
In this episode of The New Stack Makers podcast, Ben Arent, developer relations manager at Teleport, discusses how to address the hardware, software and peopleware complexity that comes from the cloud by using tools like Teleport 9.0 and the company’s first release of Teleport Machine ID. Alex Williams, founder and publisher of The New Stack, hosted this podcast.
As the IT stack shifts to the cloud, the shared responsibility model across the mixed infrastructure environment has increased complexity, “and what Teleport does is it helps teams provide easy secure access to all of this infrastructure from servers, Kubernetes, clusters, to the AWS Management Console,” said Arent. Everything is based on certificates in the background that you get for that day, he said.
The company recently released Teleport Machine ID, which “provides the same access to short-lived certificates, but for machine to machine communication,” said Arent. With Teleport Machine ID, access certificates are issued every 20 minutes using tbots — a type of service that will automatically retrieve the certificates, Arent said. “If there is a compromise, credentials can easily be locked and there’s a full audit log of what’s happening during those runs,” he added.
With databases storing some of the most sensitive information, protecting access to this layer is critical, said Arent. Too often, team members use a shared login, then leave a company, but with Teleport 9.0, users can identify which person in the team accessed a particular database, giving that layer of visibility, he added.
But for many developers, Teleport is “about compliance auditing. Many see it as a journal. If you’re accessing your home lab, it can be helpful to know exactly what you did and you can go back to see what you did on a particular machine.”