Removing Complexity to Securely Access Infrastructure – The New Stack
As the technology stack grows, the list of technologies that need to be configured in cloud computing environments has grown exponentially and increased the complexity of the IT infrastructure. While each layer of the stack comes with its own implementation of encrypted connectivity, client authentication, authorization, and auditing, the challenge for developers and DevOps teams of properly configuring secure access to hardware and software across the organization will continue to grow, making IT environments increasingly vulnerable.
In this episode of The New Stack Makers podcast, Ben Arent, Developer Relations Manager, Teleport, discusses how to manage the complexity of hardware, software, and human software that comes from the cloud using tools like Teleport 9.0 and the first release of the company’s Teleport Machine ID. Alex Williams, founder and publisher of The New Stack, hosted this podcast.
As the IT stack moves to the cloud, the shared responsibility model in the mixed infrastructure environment has increased complexity, “and what Teleport does is it helps teams provide easy secure access to all that infrastructure, from servers, Kubernetes clusters, to AWS Management Console,” Arent said. It’s all based on back-end certificates you get for that day, he said.
The company recently released Teleport Machine ID which “provides the same access to short-lived certificates, but for machine-to-machine communication,” Arent said. With Teleport Machine ID, access certificates are issued every 20 minutes using tbots – a type of service that automatically retrieves certificates, Arent said. “If there is a compromise, credentials can easily be locked down and there is a full audit trail of what happens during those runs,” he added.
With databases storing some of the most sensitive information, protecting access to this layer is critical, Arent said. Too often team members use a shared login and then leave a company, but with Teleport 9.0 users can identify which person on the team accessed a particular database, giving that layer of visibility, he added.
But for many developers, Teleport is about "compliance auditing." Many see it as a diary. If you’re accessing your home lab, it can be useful to know exactly what you did, and you can go back to see what you did on a particular machine.