Teleport announced the
availability of Teleport 9, the latest edition of the open-source Teleport
Access Plane. This latest release introduces Teleport Machine ID which delivers
identity-based access and audit for infrastructure resources like servers and
databases, CI/CD automation, service accounts and custom code in applications
such as microservices. By consolidating identity-based credentials for
engineers and the applications they write, Teleport closes the identity
loophole that enables compromised infrastructure and code to be used in
cyberattacks.
"Teleport gives
identity-based access controls to developers and, now, also to the code they
write," said Ev Kontsevoy, co-founder and CEO, Teleport.
"With Teleport 9, organizations can enforce the
same consolidated identity-based access policies to machines as they use for
developers, dramatically reducing overhead, improving security and easily
meeting compliance requirements."
With over 100 million
physical servers, more than one billion virtual servers and an estimated 35
billion connected devices worldwide, malicious code has never had greater
ability to mount an attack using an organization's own computing
infrastructure. To prevent this, it is essential that organizations configure
zero-trust authentication and authorization for their infrastructure resources
and developer-coded applications like microservices, as well as for their
engineers, with only minimal or, in some cases, zero standing privileges.
This eliminates the risk of stolen credentials and minimizes the blast radius
of an application vulnerability. Additionally, defining access policy for both
humans and applications in a single solution dramatically reduces operational
overhead.
Current approaches to
machine-to-machine access operate on outdated security principles like reliance
on hard-coded shared credentials (e.g. passwords or API keys) and old-fashioned
perimeter security, bypassing even basic security measures such as
authentication and encryption inside the perimeter.
Machine ID solves these
issues with a fully automated Certificate Authority (CA) designed to
programmatically issue and renew short-lived certificates that give an identity
to developer-coded applications. Along with the identity Teleport already
provides for engineers, this creates a single source of truth for defining and
enforcing access policy for valuable data. With a scalable approach to machine
access, Teleport 9:
- Simplifies certificate
management for IT infrastructure;
- Reduces the blast
radius for supply chain attacks on infected or hacked services;
- Unifies access policy
and access controls for both engineers and applications; and,
- Lowers operational
overhead and increases security and compliance.
By providing a unified
identity-based access solution for both engineers and machines, Teleport 9
empowers organizations to implement security best practices and meet compliance
requirements. Through Teleport, the identities of all users, infrastructure
resources and custom-coded applications are mapped to specific roles that
authorize the resources they can access, with the boundaries that fit each
role. The access events initiated by infrastructure resources and applications
are logged, tracked and monitored using the same, robust controls that Teleport
provides for engineers.
"Cyberattacks are based on a
human error for initial infiltration and an attempt to pivot to maximize the blast
radius. That's why adopting identity-based access is critical - it removes an
attacker's opportunity to pivot," Kontsevoy added.
New Capabilities of Teleport Desktop Access
In addition to Machine ID,
Teleport 9 brings a host of new features. Teleport Desktop Access, which
provides access and audit capabilities for Windows Servers and Desktops, is now
Generally Available and adds Windows session recordings, Clipboard
copy-and-paste, and multi-factor authentication.
Teleport Database Access Adds Support for Redis, MariaDB and Microsoft SQL Server
Additionally, Teleport
Database Access has added support for Redis, MariaDB and Microsoft SQL Server,
as well as auto-discovery for Amazon Redshift clusters so that new Redshift
instances immediately join the Teleport cluster without manual registration. Teleport
9 also now supports Moderated Sessions in which multiple authorized individuals
must be jointly connected to the same session in order to increase security and
compliance in critical systems.