Globally, devices and applications are multiplying faster than the human population. The number of connected devices worldwide now exceeds 17 billion. And this total doesn’t include software-based machines, cloud instances or automated services. Machine-driven digital transformation is now impacting every industry – yet, if these machines’ identities are not adequately protected, the result can be structural and economic damage. According to a report from AIR Worldwide, between $51 billion and $72 billion in losses to the worldwide economy could be eliminated through the proper management and protection of machine identities.
Digital transformation can only be effective and safe if the connections, authorizations and communications between machines are secure. This requires every machine to have a unique identity. That might sound straightforward, but there are five key areas that are making machine identity protection more complex: mobility, IoT, cloud, automation and AI, and DevOps.
1. The mobile revolution
From banking to e-commerce to travel, smartphones have transformed our lives. Mobile devices are now being used as an extension of human identities, recording fingerprints and facial recognition scans. Mobile data traffic is also growing exponentially, having increased seventeen-fold over the past five years so that it will represent 20 percent of total IP traffic in 2022.
Although smart mobile devices have been a fact of life on enterprise networks for over a decade, securing the sensitive corporate data that flows through these devices is becoming more challenging. More and more consumers are also opting to interact with companies via mobile services. This adds a new challenge – developing and deploying mobile services faster than ever, while still ensuring they are safe and secure to use. Failure to do so could lead to data loss and damage to corporate reputation, not to mention disruption of revenue-generating services. Protecting the machine identities linked to customer-facing mobile services should be a key concern for organizations undergoing digital transformation.
2. The internet of everything
It has been twenty years since the term ‘Internet of Things’ (IoT) was first coined. Yet, it’s only over the past decade that IoT has really taken off. Today, there are more than 31 billion networked devices; many of these smart devices are already embedded into our homes – and they are making inroads into enterprise markets as well. Industrial IoT alone is forecast to add $14 trillion to the global economy by 2030.
For enterprises, the value of IoT devices is in the data capture. However, as devices typically have limited storage, data must be transmitted to a centralized location to be analyzed. Since much of this data is sensitive, these communications must be authenticated and protected. Each device must be secured and controlled; otherwise, an unsecured device could lead to a certificate-related outage or cyberattack, resulting in widespread business disruption and reputation damage.
3. Head in the clouds
Today, almost every business is using cloud in some way – including those in highly regulated industries, like financial services. The cloud has dismantled the traditional perimeter, allowing enterprises to get their applications up and running faster, and to rapidly adjust resources to address fluctuations in business demand.
In the cloud, people are no longer the limiting factor in the creation of machines; machines automatically create, configure and destroy other machines in response to business demand. The average lifespan of a virtual machine is just 23 days, compared with the expected three- to five-year life span of a physical device. To protect the security and privacy of cloud data, businesses must encrypt cloud workload data and adequately secure the machine identities that determine whether communication between all machines, including those in the enterprise and those in the cloud, can be trusted.
4. The age of machine autonomy
One of the major characteristics of digital transformation has been the growth in automation, and autonomous machines. Automation has delivered efficiency gains across every industry, augmented by the introduction of Robotic Process Automation (RPA) and underpinned by Artificial Intelligence (AI). Business adoption of AI-powered technologies is expected to triple by 2021.
A software revolution is taking place that radically impacts the definition of machines. We now rely on machines to supply data and business insights. Therefore, it is vital for these machines to communicate securely, but it is equally important that communications are not manipulated in a way that could change the outcomes. Every machine-to-machine communication needs to be authenticated and secured to reduce the risk of interference.
5. DevOps practices go mainstream
The business imperatives that drove widespread cloud adoption – speed, agility, efficiency, and economies of scale – are also the driving forces behind DevOps. DevOps initiatives require new tools, techniques and machines. This shift in how IT operations and development teams work together, coupled with new technologies, is accelerating the speed at which new machines are created and destroyed. For example, while the average life of a virtual server is just 23 days, the average life of a container is a fraction of that – just 2.5 to 5 days. The adoption of containerization alone dramatically increases the challenge of safely generating and securing machine identities. As a result, organizations need a technical solution designed to help them protect the barrage of new machine identities.
The accumulating machine identity crisis
Our increasing dependence on machines means organizations that were once managing a thousand machine identities are now tasked with managing hundreds of thousands, or even hundreds of millions. Due to the five factors outlined above, machine identity protection is overwhelming IT and security teams. The increase in DevOps practices and automation also means there is often a lack of clear ownership and awareness within organizations, leaving machine identities out in the open and vulnerable to attack.
To mitigate the impact of these five factors and to ensure the security of machine-to-machine communications, organizations must have complete visibility into every machine identity, paired with intelligent automation, the ability to detect misuse in real time, and the capability to automatically remediate any vulnerabilities discovered at machine speed and scale.
Michael Thelander, Director of machine identity strategy, Venafi