A recent Sunday found me on the phone with my internet provider. They’re good about support, someone picks up, no matter when you call. Before I heard a human voice, I heard roosters, several of them. The WFH technician explained that his family’s menagerie included four roosters and several chickens. Didn’t slow him down at all, and we resolved the issues.
Yet, it was those background birds that got me thinking. How can organizations provide security as they embrace and empower remote employees? Enterprises rely on multiple applications, containing countless corporate secrets, in silos scattered throughout their estates. Examples of secrets include passwords, PINs, tokens, API keys. As more secrets are created to support growing numbers of applications, they naturally sprawl across an organization. It’s imperative to know where secrets are stored, and what security policies are applied for protection.
Centralizing secrets management across an organization enables consistent security policies and eliminates secrets sprawl. However, accumulation of secrets in one place, a centralized secrets repository, requires high security. Establishing a root of trust to protect the repository is critical to enabling enterprise-wide access to computing resources across a variety of on premises and multi-cloud environments.
HashiCorp Vault brings organizational secrets into a single, centralized secure repository, keeping applications and the data they process secure. This enables use of a consistent security policy, easily audited for compliance. But if you’re going to keep all your secrets in one place, it had better be secure. To mitigate potential risks created by aggregating secrets, HashiCorp Vault integrates with nCipher HSMs, providing a robust root of trust to protect the Vault master keys. The combined solution eliminates secrets sprawl with centralized controlled access, based on trusted identities and policy enforcement.
Organizations are pivoting to address ever evolving customer requirements. They are also meeting the challenge of maintaining corporate security standards, while facilitating employee access to necessary data and tools.
I haven’t needed to contact my internet provider again, so haven’t heard the fowl belonging to that gifted technical support agent. But if I do, I’m more aware of the steps being taken by global enterprises to ensure staff can be secure, efficient, and successful.
Find out more about how nCipher’s partnership with HashiCorp here