Throughout the world, cloud deployments are experiencing unprecedented growth. By now, enterprises are well aware of the cost savings and operational efficiencies gained by moving workloads to the cloud. In turn, cloud providers have improved their uptime and reliability. What has made this journey possible for many organizations, especially large enterprises, is the adoption of DevOps.
DevOps helps organizations fully realize the benefits of cloud computing. It increases speed and agility to the development cycles by enabling rapid releases and little to no service interruption. And with most large enterprises utilizing a multi-cloud or hybrid strategy, DevOps provides the tools to move workloads as needed.
But one area that has lagged behind in DevOps is security. As enterprises continue to shift their focus and investments toward digital business initiatives, more critical assets and workloads are residing in the cloud than ever before—and who is in charge of securing those assets is often unclear. In a recent survey of 750 IT professionals, only 8% said they fully understood their team’s role in the shared responsibility model.
Cloud adoption security is vital to protecting the enterprise, and it all starts with securing DevOps.
Making DevOps, DevSecOps
To improve cloud security, it’s necessary to look back at the DevOps processes that enable it. This is where the notion of DevSecOps comes in: securing who has access to the cloud infrastructure and how it is deployed. Only when organizations can accomplish DevSecOps correctly will they feel comfortable moving critical workloads to the cloud.
However, securing access to a cloud environment must be done in a manner that does not outweigh the benefits of DevOps. The user experience must be seamless. And from an administrator point of view, the solution must be agile enough to integrate across a diverse enterprise ecosystem.
Integration is a key factor in securing cloud access. Choosing a solution that supports open standards and can work across your existing infrastructure will make implementation easier. In addition, it will provide you with peace of mind moving forward that should you want to shift workloads, your cloud access security will be able to work anywhere.
Ping & Centify: Better Together
Ping Identity and Centrify have joined forces to provide a holistic cloud access security solution fit for the needs of global enterprises. Centrify provides privileged access service that secures access to administrator and superuser accounts representing the “keys to the kingdom” of your cloud infrastructure. And Ping Identity provides an additional layer of security and assurance that those users are who they say they are.
How It Works:
The Centrify Privileged Access Service enables password checkout and remote login to infrastructure (e.g., servers, network devices, containers).
Ping Identity ensures users accessing the Centrify Privileged Access Service portal are doing so via single sign-on (SSO) and adaptive multi-factor authentication (MFA).
The integration is bi-directional and allows customers to leverage either Ping Identity or Centrify as the Security Assertion Markup Language (SAML) identity provider (IdP). This flexibility allows users to choose if they prefer an IdP-initiated or service provider initiated login experience.
Centrify Privileged Access Service integration with Ping’s adaptive MFA via RADIUS protocol provides flexible security, leveraging one of a broad range of supported step-up authentication factors.
IdP-initiated SSO to Centrify from PingOne
Ping MFA during login to Centrify
With this solution in place, you can implement privileged access security to all your DevOps environments without the administrative burden. At the same time, you can have greater peace of mind that you have the right level of security for privileged access in place for your admins, developers and operations teams. And with Ping’s adaptive MFA protecting Centrify’s privileged access, you can continuously monitor and adjust your controls to find the right user experience.