How do security teams keep up with DevOps and deploy security at scale?
Nov 29, 2018
Jon Benson of HashiCorp explains a few key things your secrets manager needs in order to keep up with DevOps-style agility.
VP Worldwide Solutions Engineering, HashiCorp, HashiCorp
In the world we live in today there's a different way that operations teams and DevOps teams manage their infrastructure. It's no longer humans pointing and clicking and saying "I need a server," or filling out a ticket and waiting a couple of months to get the server that you ordered that's secured. What we want to allow for is automation, and what we have today is a number of infrastructure automation tools that've been created by the community, and what it allows you to do is provision things very quickly.
Now, this doesn't necessarily gel with the secrets management solutions that we've created in the past. We've had very human-focused tools just because the provisioning was very human-focused ways of grabbing secrets and interacting with the secrets management solutions. Where we need to move to is a way for those infrastructure automation tools that work really quickly to work with our secrets management solution—exposing ways for you to do API-driven secrets management, API-driven policy, API-driven access management—so that you're able to meet the needs of what your DevOps team is looking for.
If they adopt a tool that allows them to go to infinite scale across whatever cloud whether it be public or private that's great, but if it doesn't work with the secrets management solution that you've implemented then it doesn't mean anything because they're not actually able to role out that infrastructure. So it's incredibly important that as you look at secrets management solutions that you're solving for the needs of your DevOps teams and looking at the challenges that they're going to face now that they're not manually provisioning stuff anymore.