SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image

Teleport updates policy to enhance critical asset security

Thu, 24th Oct 2024

The secure infrastructure access provider Teleport has introduced enhancements to its Teleport Policy to better protect critical assets in computing infrastructures.

These new features are designed to help organisations reduce security risks by focusing security efforts on "crown jewel" resources, thus alleviating alert fatigue. Teleport Policy offers unified management of access for both human and machine activities across various computing architectures, including Kubernetes, databases, clouds, and services.

The update introduces three pivotal features: Crown Jewels protection, SSH Key Discovery, and a real-time dashboard offering greater visibility into standing privileges.

Ev Kontsevoy, CEO of Teleport, commented on the increased complexity that security teams face in contemporary infrastructure systems. "Security teams are managing increasingly complex systems in today's infrastructure," he stated.

"You can't rely on traditional access control methods anymore. You need visibility, prioritisation, and proactive risk management. The capabilities we've introduced not only improve security but the efficiency of security teams. Clear, actionable insight reduces the time spent on manually identifying risks and lets teams focus on strategic initiatives."

The introduction of the Crown Jewels feature is aimed at helping organisations emphasise changes in access to vital resources such as sensitive databases and mission-critical applications. By more closely monitoring access patterns for key resources, this feature seeks to reduce noise-related alert fatigue. Additionally, it allows departments to create individual sets of crown jewels, promoting departmental self-governance.

SSH Key Discovery aims to identify unauthorised or undocumented SSH keys that potentially create shadow access points—a known source of security vulnerabilities. "Without this feature, organisations run the risk of unknowingly leaving critical systems exposed," noted Alexander Klizhentas, CTO at Teleport.

"Shadow access can lead to a breach, as attackers often exploit such hidden pathways. Those blind spots have to be eliminated to tighten overall security."

The real-time dashboard feature gives users a consolidated view of standing privileges to detect any overprivileged or stale access points. Identity and Access Management (IAM) leaders are thereby enabled to enhance their security governance more effectively.

Klizhentas added, "One of the hardest challenges for security teams is easily identifying and prioritising users with standing privileges or policies that leave resources exposed. Without this visibility, potential security risks could go unnoticed, leaving critical resources vulnerable to breaches."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X