DevOps Security - Realising Technical Segregation of Duties

DevOps is a software development methodology that combines software development (DEV) with its operation (PROD). The ultimate goal of a DevOps strategy is to shorten the system development lifecycle while delivering features, bug fixes and updates, close to production and thus in close alignment with business goals and operational dynamic requirements. DevOps is the new quasi-standard, but it also brings a lot of risk.

Overcoming IT silos without compromising data security

In the current and still widespread silo configuration, each team member, in his or her field of activity, is responsible for his or her silo and is characterised by silo-related special behaviour.

Securing and logging DevOps with visulox
Classic creation of silos within IT development

Ergo: Developers and admins do not speak the same language. Different tasks are prioritised differently and often different work cultures and ways of working clash.

Securely design technical DevOps strategies

In the devops world, everyone has the same skills and the same access. The DevOps strategy will primarily not change the silos, but only the process behaviour. This leads to the loss of the "segregation of duty" called for in many process descriptions. Who is now responsible? Who has made changes in production or who is responsible for ensuring that test data has been properly and verifiably pseudonymised?

Mitigate DevOps risks with PAM
Building a DevOps IT environment

Ergo: Developers and admins are now talking more with each other. They are a team and ideally understand which requirements should be taken into account beyond their own. But the dilemma remains that although they work together, they rarely document together.

DevOps advantages YES - uncontrolled information flow NO

Through the use of VISULOX in front of the silos, every access including user interaction is documented in a screen record. This enables those responsible and interested third parties (management, auditors, etc.) to obtain clear proof of which activities were carried out by whom. Without restricting them or interfering with the operational process.

DevOps and privileged access management. Control all access centralized
DevOps Security implemented with VISULOX

Non-critical business accesses can be handled as usual, critical accesses can additionally be recorded and personalised.

Business-critical accesses can be assumed with VISULOX, a technically unique and seamlessly implemented 4-eyes principle.

Business-critical transaction of data, such as the transport of test data, can be controlled by predefined parameters.

Who did what, when and how?

A central solution for control and documentation for DevOps

VISULOX Privileged Access Management is the central access component between the user and his tasks. It can be used to document who has access to which application and when, and who authorised it and when. Via VISULOX Privileged Access Management the presentation of an application also takes place and is also documented. This gives you control and an overview of all activities in the system. And all this without changes to the client or server, during operation.

VISULOX-privileged-access-management

Control You centralized all accesses of privileged users to internal IT and
OT systems

Harmonise Harmonise heterogeneous access requirements according to organisational guidelines

Rely anytime, anywhere on audit-proof records of every activity within IT and OT

VISULOX has been developed by amitego in Germany since 2003 and is used worldwide by small to medium-sized companies, including DAX30 companies, across all sectors.

We have more topics we like to write about.

3 good reasons to say goodbye to VPN

3 good reasons to say goodbye to VPN

VPNs are more widespread, but they pose a high risk. 3 reasons why VPN should be replaced with a PAM solution with Remote Support should be exchanged.

Cookie Consent with Real Cookie Banner