Securing machine identity crucial for better cybersecurity management
For every single identity, there are 45 machine identities in an organization, requiring centralized management of machine identities across all applications and workloads.
Organizations around the world continue to invest in cybersecurity, especially in securing critical data and infrastructure. Businesses are also focusing on more zero trust capabilities to gain better visibility over access.
In a conversation with CRN Asia, Koh Ssu Han, Solutions Engineering Director in ASEAN for CyberArk, pointed out that while securing employee identity is critical, machine identity is another area that requires adequate security measures.
In fact, a study by CyberArk revealed that 62% of Asia Pacific organizations define a privileged user as human-only. Only 38% of organizations define all human and machine identities with sensitive access as privileged users.
According to Koh, for every single identity, there are about 45 machine identities. As such, a new paradigm is required to keep pace with this rapid proliferation. This includes shifting from inefficient manual, siloed approaches that create compliance and security risks to centralized management of machine identities across all applications and workloads for any cloud or IT environment at scale.
Put simply, be it in the cloud or on-premises, securing machine identities is critical as cyber criminals are now targeting identities that are not traditionally considered privileged.
“For example, a support engineer would have access to the systems in his role. Traditionally, these are not considered privilege access as the employee is simply accessing his systems. But in the last year or two, we have seen attackers where they attack the developers and the support engineers. The attackers get access to their accounts, escalate privilege, and then get access to the main applications and administrative systems. So, they actually enhance their requests or enhance their permissions to step up and basically get access,” explained Koh.
Koh also pointed out that with more identities, there are going to be more complexities in terms of the environment accessed. As organizations move beyond on-premises to the cloud, there’s an entirely different system in which the identities are managed.
“How do you secure identities for one person across all the different environments, on top of all the applications and all the systems? That’s a very complex area,” added Koh.
Interestingly, Koh also mentioned that while AI can enhance cybersecurity by identifying behaviors and responding faster, AI is still relatively new in cybersecurity. He believes AI is more capable of assisting people to identify risks and respond faster.
Working with partners to educate customers
To ensure organizations understand the importance of identity security, Koh mentioned that CyberArk is working with its partner and distributor ecosystem to educate them.
“We not only educate them but work with our partners and distributors to help them make sure they show their identity security. Our partners are very important for us to be able to go out to the market. We are focused on partners to not only just help us in terms of the sales, but also the skill sets in terms of delivery and for support to customers. Ultimately, it's not just about the license, it's about implementing it and supporting them throughout the whole life cycle of the journey,” explained Koh.
Among the customers that have implemented CyberArk’s identity management platform is Japan’s Konoike Transport. With a headcount of approximately 24,000, the logistics, transportation and outsourcing services company implemented CyberArk Privileged Access Manager, a component of the CyberArk Identity Security Platform. With a unified view of all privileged accounts, it now has clear insight into user access within a few clicks.
Besides better incident response time, with a log of all accounts, Konoike Transport can now conduct audits and meet compliance requirements such as the Sarbanes-Oxley Act more efficiently. Further, CyberArk’s ability to enable cloud-based privileged access within a single architecture fits perfectly into Konoike Transport’s cloud-first strategy.
Apart from Konoike Transport, one of India’s leading financial institutions, RBL Finserve, has also chosen the CyberArk Identity Security Platform to boost cyber resilience, safeguard customer data and ensure business continuity. RBL Finserve implemented the platform built on zero trust principles to protect credentials and manage privileged accounts.
Specifically, it implemented CyberArk Privileged Access Manager and CyberArk Workforce Identity and is now able to manage IT administrators’ privileged access by isolating and monitoring sessions while continuously rotating credentials. RBL Finserve also consolidated on the CyberArk Single Sign-On (SSO) and Adaptive Multifactor Authentication (MFA) as an essential part of its foundation planning to expand intelligent privilege controls across all human identities that access its systems, including third-party vendors.
Venafi acquisition to provide a more holistic view on identity security
On October 1st, 2024, CyberArk closed its acquisition of Venafi. Koh believes that the acquisition will only enhance CyberArk’s identity security capabilities. Given Venafi’s best-in-class machine identity management capabilities, Koh explained that the combination with CyberArk’s identity security capabilities will establish a unified platform for end-to-end machine identity security solutions that can help organizations vastly improve security and stop costly outages.
All machine identities, including workloads, code, applications, IoT devices and containers, must be discovered, managed, secured and automated to keep their connections and communications safe. The combination of Venafi’s certificate lifecycle management, enterprise Public Key Infrastructure (PKI), workload identity management, secure code signing and SSH security with CyberArk’s secrets management capabilities will empower organizations to protect against misuse and compromise of machine identities at scale.
“Coming together, we can actually help our customers by offering much more comprehensive and robust capabilities for them to manage identity for the machines. With CyberArk and Venafi, we are now looking at how do we provide that holistic view, understanding where the crucial assets are, and then also manage it and then rotate it. For example, like certificates, it will be lifecycle management, making sure new certificates are issued and roll it out before they expire,” explained Koh.
Koh also mentioned that some customers are becoming aware of the need to secure machine identities and are already taking steps to secure them.
“For those who are aware, they are starting to link together both the identity piece together with the developers to create that awareness to make sure that they act on it rather than just being aware of it. Part of CyberArk's role is to foster awareness to customers and help them solve the challenges of identity or machine identity insecurity. Because if you look at developers, they are just focused on getting the job done. We need to make sure machine identity security is easy enough for developers to use as well,” said Koh.
With that said, Koh believes that in 2025, the focus for CyberArk will be getting customers to move from being just aware of the need for machine identity security to implementing these measures.