The Increasing Role of DevOps in Digital Identity Security

As businesses strive to get new applications and services up and running more quickly, DevOps is fast becoming a key strategy for many IT teams.

DevOps represents the unification of an organisation’s development and operations teams and, within that, huge gains for productivity, efficiency, and innovation when it comes to software development.

DevOps adds significant value because it automates much of the labour and time-intensive processes that historically have weighed heavily on software development teams. It also streamlines the cooperation between app development and their IT counterparts.

Innovations like this are usually welcomed within enterprise IT, however, sometimes they’re ushered in too quickly. This, in turn, can lead to issues further down the track.

DevOps and Secure Identities

DevOps comes with its own sets of considerations, especially when it comes to identity security. In fact, the approach has accelerated so quickly that identity security teams often struggle with the growth of apps and data being generated.

In many cases, identity initiatives are stretched to their limits. Normally, a new app or service would be brought into an enterprise’s existing identity ecosystem through centralised authentication services. However, the sheer speed which DevOps permits often finds identity teams overwhelmed with more requests than they can handle.

DevOps clearly has much to contribute to identity security because identity is a key part of application onboarding. However, if organisations truly want to take advantage of the full benefits that it offers, they need to place identity at the centre of that strategy.

Essentially, identity teams need to match the speed of DevOps. At the same time, DevOps teams have several key requirements for a compatible identity solution. They need to have identity infrastructure consumable in coded, pre-configured instances for their app environments.

The Role of Containers

Enterprises looking to make identity available within a DevOps environment are increasingly looking to tools like Docker (a containerisation tool) and Kubernetes (a container orchestration tool).

Containers are a key enabler within the DevOps ecosystem that deliver much in the way of business benefits, key among those being that containers:

  • Reduce commercial and operational risk by enabling multi-cloud strategies
  • Increase reliability by minimising human error associated with manual testing and deployment
  • Optimise costs by facilitating elastic, right-sized environments that can scale rapidly when required

Using containers to deliver identity services carries all of these benefits, while also allowing tighter integration into the broader enterprise DevOps environment, and in doing so, simplifying integration and leveraging existing DevOps tools, skills and practices. Don’t buy into the notion that pretty much anything can be containerised though.  While there are some benefits to containerising legacy applications, unlocking the full potential offered by using containers in a DevOps environment requires a platform that has built-in support for the deployment model. If your enterprise is on the DevOps journey and your identity platform doesn’t support containerised deployment, it might be time to start looking for an identity platform that does.

Working Together on Identity

When implemented well, containerised identity empowers application owners by facilitating simple, template-based self-service integration patterns. This prevents identity security teams from being a bottleneck, accelerating the business in doing so. Relieved of the burden associated with day to day moves, adds and changes, identity security teams are free to focus on higher-value activities that improve an organisation’s security posture or drive a stronger digital experience by implementing those features that have been on the backlog forever (biometrics anyone?).

Steve Dillon
Steve Dillon is the Regional Solutions Architect at Ping Identity.