Tim Callahan, SVP, Global Chief Information, Security Officer, Aflac
“With anything you do, you first need a well-thought-out process. But without automation, it’s impossible to manage
- Machine identity protection is an urgent priority CISOs must
- CISOs must create a process to manage the entire machine identity life cycle and automate that process with the right solutions.
“Before implementing any kind of tooling, you need to work out the process for managing machine identities in your
Tim Callahan sees machine identity protection as an issue of growing concern that chief information security officers (CISOs) must address today. According to Callahan, “It’s more important and sometimes harder to protect machines, so you need a very well thought out process that regulates how machines identities are assigned and how they are controlled.” He adds, “You must create an ecosystem that recognizes when a machine touches the network and then deny it any type of network access unless it has a bona fide identity.”
Callahan points out that several important drivers are behind the proliferation of machine identities. “One of them is the Network Access Control discipline, or NAC,” he notes. The increased popularity of telecommuting is also a factor. “When a lot of your workforce is no longer within your conventional technology perimeter, you need a good way to ensure that only the right people are accessing it. You must have a process in which the humans authenticate to the machines in a multifactor fashion and then the machines authenticate themselves to the network,” he adds.
This is an excerpt from 8 Experts on Protecting Machine Identities. This series was generously sponsored by Venafi.