Scaling Privileged Access for Modern Infrastructure: Real-World Insights
Apr 25
Virtual
Register Today
Teleport logoTry For Free
Home > Teleport Academy > Infrastructure Access

What are non-human identities?

Posted 29th Feb 2024 by Travis Swientek

In DevOps architectures, where automation plays a key role, CI/CD systems and automated bots like Drone, Jenkins, and GitHub Actions, perform essential tasks related to the management, deployment, and maintenance of applications and services in cloud and on-premises deployments.

What are Non-Human Identities?

Non-human, or machine, access to infrastructure plays a crucial role in modern computing. In DevOps architectures, where automation plays a key role, CI/CD systems and automated bots like Drone, Jenkins, and GitHub Actions, perform essential tasks related to the management, deployment, and maintenance of applications and services in cloud and on-premises deployments.

Elements of Machine Access

  • Automation: Machines automate repetitive and predefined tasks, enhancing efficiency and reducing the potential for human error.
  • Machine Identity: Assigning unique identities to machines, typically through certificates, enables secure authentication and granular access control, ensuring that machines have the appropriate permissions for the tasks they perform.
  • Secure Connectivity: Secure access to network infrastructure is vital. In traditional IT architectures, this may involve VPNs and firewalls; in modern computing environments these connections may be secured through zero trust.

Overcoming Challenges in Machine Access

  • Network Security: In many infrastructure stacks, privileges are implicit, and machine access can create points of vulnerabilities.
  • Scalability and Management: As the number of machines and the complexity of tasks grow, managing access becomes increasingly challenging.
  • Compliance and Data Protection: With machines often handling sensitive information, adherence to compliance standards and the implementation of robust data protection measures are critical.

Teleport Take

Teleport provides a unified approach to secure infrastructure access for both humans and non-humans. Our approach includes:

  • Cryptographic Identity for both Users and Machines: Teleport assigns cryptographic identity to all users, machines, devices, and resources that are part of infrastructure access. This eliminates the risks associated with embedded secrets or static credentials that can vulnerable to identity-based attacks.
  • Zero-Trust Access: Teleport protects all connections, both between users and machines and infrastructure, and throughout the infrastructure stack, with zero trust. This zero trust connection to application and workloads makes infrastructure resilient to bad actors and ensures that infrastructure can be accessed from anywhere.
  • Seamless Integration with DevOps Tools: Teleport's platform integrates seamlessly with popular DevOps tools and CI/CD pipelines, facilitating automated deployments and operations across cloud-based and on-premises environments.
  • Visibility and Auditing: Teleport provides detailed audit logs and monitoring capabilities, offering visibility into machine activities and ensuring compliance with regulatory requirements.

By leveraging Teleport for machine access to infrastructure, organizations can achieve a balance between operational efficiency and stringent security requirements. Teleport's platform not only simplifies the management of machine identities and access but also enhances the overall security posture and user experience, enabling businesses to scale their operations securely and confidently in the face of increasing complexity of computing environments.