HashiCorp Extends Zero Trust Security with Secure Remote Access in the Cloud, CIOSEA News, ETCIO SEA | Techno Glob


HashiCorp extends Zero Trust security with secure remote access to the cloud

HashiCorp, Inc. (NASDAQ: HCP), a leading provider of multi-cloud infrastructure automation software, today announced the general availability of HashiCorp Cloud Platform (HCP) Boundary, a secure remote access product. With this release, Boundary joins HCP Vault and HCP Consul to provide the industry’s first zero trust security solution for securing applications, networks and people built for the cloud.

As organizations move to the cloud and adopt cloud operating models, they need a different approach to security — commonly known as zero trust security — where the default security posture is to trust nothing, authenticate and authorize everything. But the gap between legacy security postures and the accelerating move to the cloud is contributing to a significant increase in security breaches. According to the HashiCorp State of Cloud Strategy Survey, 90% of respondents in APAC believe that security is the number one determining factor for cloud success, driving organizations to adopt a zero trust security posture.

HashiCorp’s zero trust security approach focuses on using identity to secure applications, networks and people across multiple clouds, on-premises and hybrid environments, reducing the attack surface and automating complex security workflows. It ensures that people, machines and services are authenticated, every action is authorized and data is protected.

“As organizations continue to expand their cloud estates, they must adapt their security strategies to account for the growth and complexity of applications, network components and cloud-based systems,” said Armon Dadgar, co-founder and CTO, HashiCorp. “At HashiCorp, we have always believed that identity is the foundation for zero trust security for applications, networks and users. With HCP Boundary, companies now have a modern solution for privileged access management, securing access for their employees in dynamic, transient environments. We feel we have reached an important milestone for our customers by delivering security solutions built for today’s threat and infrastructure landscape.”

“Multi-cloud adoption is accelerating in APAC, with 84% of organizations either using cloud infrastructure or planning to do so in the next year. But this rapid cloud migration has brought more complexity and risk, and businesses need to change the way they manage security,” said Grant Orchard, Field CTO, Asia Pacific and Japan, HashiCorp. “Our recent State of Cloud Strategy survey also showed that skills shortages are exacerbating security risks and impacting organizations’ ability to implement multi-cloud. HCP Boundary will address some of these challenges by reducing the attack surface and automating complex security workflows.”

As organizations move out of traditional datacenters and into multiple cloud, hybrid, and edge environments, securing their infrastructure becomes increasingly complex. The HashiCorp Zero Trust solution includes all three aspects:

  • Application: HashiCorp Vault provides a consistent way to manage application identity by integrating multiple platforms and identity providers. Vault enables fine-grained access control and authorization across applications and databases, including dynamically rotating credentials, PKI certificates, and API tokens, ensuring application data is always secure in transit and at rest.
  • Network: HashiCorp Consul secures network traffic between applications and services, enabling granular access control policies, visibility, and traffic shaping. Consul integrates with Vault’s identity platform to leverage application identity for policies and allow dynamic PKI.
  • People: HashiCorp Boundary ensures that the right people can access the right systems and cloud services without having to distribute and issue credentials, expose private networks, or manage static credentials. Boundary integrates with Vault to issue just-in-time credentials and ensure instant access to critical systems.

HCP Boundary general availability

HCP Boundary provides a secure remote access solution for the cloud operating model, enhancing existing software-defined perimeter (SDP) solutions, such as VPN, and Privileged Access Management (PAM) solutions that are IP-driven and highly manual. With HCP Boundary, teams get fine-grained authentication and authorization controls, faster user onboarding, and automated workflows for target discovery and credential management for transient resources. As a cloud-based service, HCP Boundary benefits organizations that struggle with security because of a lack of people and expertise when transitioning to the cloud.

HCP Boundary allows teams and users to access the critical systems they need, covering session connection, establishment, credential issuance, and termination. Boundary gives operations and security teams the ability to dynamically pull from cloud service catalogs and on-premises resources and create policies on which systems, users, and groups should have access. To do this, Boundary leverages Vault to provide passwordless connections and revoke credentials after each use. This helps ensure that critical information such as credentials, networks and resources is never exposed to the user or outside actors.

In addition to core secure remote access capabilities, Boundary also offers:

  • Identity platform integration: Microsoft Azure Active Directory and Okta, along with many other identity platforms that support OpenID Connect, to onboard trusted identities and delegate authentication.
  • Role-Based Access Control (RBAC): to provide broad or granular access to people across your organization.
  • Passwordless authentication: for seamless integration with Dynamic Secrets and Vault.
  • Automatic service discovery: for streamlined detection and configuration of targets. Dynamic host catalogs are currently available with Microsoft Azure and AWS, as well as direct HashiCorp Terraform integration to pull resources under management.
  • Session visibility and logging: gain insight into session metrics, events, logs and traces, with the ability to export data to business intelligence and event monitoring tools.


