New digital uses have led to a drastic evolution of System Administrators’ responsibilities. With the exponential increase in the number and diversity of systems and applications to manage, it’s now necessary to automate administrative tasks. Advanced automation is required with dedicated tools such as Ansible or Terraform to code an infrastructure. System Administrators have effectively become DevOps and are fully involved in the development and deployment life cycle of applications.
Unfortunately, DevOps practices can introduce vulnerabilities, jeopardizing data or credential integrity. To facilitate the management and testing of an online application, DevOps connect to their servers repeatedly to upload new binary, change settings, etc. These automated operations require credentials that end up hard-coded in the source code or in a flat file, critically exposing the security of those systems.
Appropriate tools must be deployed to guarantee that DevOps tasks don’t put your IT at risk.