
The Invisible Matrix of Optimal Infrastructure Security 

24 Mar 2021 1:38pm

Web security is the theme of the latest episode in our new series “Security @ Scale” on The New Stack Makers podcast with Okta. The series explores security in modern environments, with stories from the trenches.

In this episode, co-hosts Alex Williams, founder and publisher of The New Stack, and Randall Degges, head of developer advocacy at security services provider Okta, speak with Ev Kontsevoy, co-founder and CEO of Teleport, which offers organizations instant access to computing resources.


In many ways, the dilemma organizations face when seeking to manage secure data and connectivity to multiple cloud resources can be resolved by rethinking how dynamic data access is managed. Traditional access to applications and data through cloud service providers is thus seen as evolving toward a model in which DevOps teams have access only on an as-needed basis.

The classic sci-fi film franchise “The Matrix,” about a cyber-controlled virtual reality that humans perceive as real, serves as an analogy for how this new age of access can work, Kontsevoy explained. In the film, he said, it is never revealed how many servers the Matrix is running on.

“They don’t even tell us where [The Matrix] is,” said Kontsevoy. “And once you’re in the Matrix, you don’t have to log in many, many times — you’re gonna plug this thing into the back of your head and whatever you’re supposed to access within the Matrix is seamlessly in front of you.”

In more ways than one, the Matrix represents the future. “When we start saying cloud computing, that’s yesterday — cloud computing is legacy,” said Kontsevoy. “I’m saying the Matrix is going to replace the cloud and the access into that Matrix.”

This dynamic is exemplified by the concept behind Teleport. “By using Teleport, users log in once and you automatically do not just have access to things, but they’re in front of you,” Kontsevoy said.

Kontsevoy described how he has access to a rack in a data center, as well as different cloud accounts. “I have it all behind Teleport,” said Kontsevoy. “So, when I’m teleporting myself into my personal … Matrix, I get access to everything I need — so, that’s the future.”

“Access” is the operative word, and for access, security certificates are replacing keys, explained Kontsevoy. Since the same certificate authority governs access, “issuing certificates for everything governs access across your entire computing footprint, people and boxes,” said Kontsevoy. “So, on a high level, I think, we’re all agreeing now that this is how access should be implemented. And that’s exactly what Teleport does for you.”

Configuration should be kept as close to a state of “zero configuration” as possible. Kubernetes clusters are not inherently insecure, but in many cases the clusters’ complexity, and often their state of misconfiguration, can pose issues.

“What Teleport does is it simply places extremely opinionated authentication in front of Kubernetes — and we say only certs, nothing else,” said Kontsevoy. “And, it basically is configuration-free from that perspective.”
