RWS_Q1_22

manager is able to give and revoke certificates based on who should have access to the network enabling confidentiality while turning away intruders that lack the right certificate,” Palanisamy explained, citing an example such as using a passport or driver’s license, he added “a machine identity shares information about the device and where it belongs/has access.” However, machine identity management is a complex process, and the degree of complexity increases when digital identities are managed across multiple networks, cloud ecosystems and, of course, geographies. According to a survey of MM users by AppViewX, respondents acknowledge they have difficulties keeping track of the certificates and keys across their operational technology/IoT infrastructure (78 percent), cloud infrastructure (76 percent), on-premises IT infrastructure (75 percent) and containerized infrastructure (74 percent). The good news is organizations can push some of the management complexity back toward service providers or a partnering managed service provider (MSP) by taking advantage of MIM-as-a-service (MIMaas) options. That’s largely why 95 percent of respondents said MIMaaS is their preferred approach to machine identity management moving forward. However, it is an area where adoption is in the early stages, with only 28 percent having fully implemented MIMaaS so far. Of course, a key reason driving the adoption of MIMaaS is the general push toward as-a-service solutions more broadly, with this being a reason for its adoption in 54 percent of organizations which are planning to or have started to implement MIM. Even so, in many cases the benefits MIMaaS directly provide to machine identity management processes also are influencing organizations, as half of respondents are using MIMaaS to reduce the time they need to spend on MIM compared to other types of solutions, while 43 percent said it was to reduce the complexity of their approach to MIM, and 41 percent so that they require less in-house expertise. “Workforce skillset is one area that is quite a challenge for organizations” said the AppViewX report, “[I]f vendors can provide a solution such a MIMaaS which helps alleviate this issue further, it will be a winning situation all round.” Organizations that have fully implemented MIMaaS tend to have better awareness of the certificates and keys than those who haven’t, showed the AppViewX findings. A full 96 percent of those who have fully implemented MIMaaS have full awareness of certificates and keys across their digital assets, compared to 37 percent of those who have started to implement it, and 28 percent of those who haven’t started yet but plan to. “MIMaaS therefore has great potential to simplify organizations’ approaches to machine identity management and help them to overcome the issue they are currently facing in tracking digital certificates and keys across their digital assets,” concluded the report. Palanisamy cautioned that a concern with MIMaaS is “leveraging as a service model for the keys, securely managing the keys and escrowing the keys.” He added the way to address this is to use a hardware security module with a “secure encryption algorithm to secure and segregate the data.” J For what reasons is your organization planning to use/is your organization currently using a MIMaaS solution? (Among organizations which have implemented, are implementing or are planning to implement. Not showing all answer options.) We are generally moving toward as-a-service solutions across all or most of our IT infrastructure and solutions 54% To reduce the time we need to spend on machine identity management compared to other types of solutions 49% To reduce the complexity of our approach to machine identity management 43% So that we require less in-house expertise on machine identity management 41% MIMaaS solutions operate faster than other types of solutions 40% It would be/is cost effective 37% Source: AppViewX 51 REMOTE WORK SOLUTIONS rwsmagazine.com

RkJQdWJsaXNoZXIy NTg4Njc=