How to Secure Cloud-Native Infrastructure at Scale and Speed: A Conversation with Madhu Adireddi

Where do DevOps teams feel the most friction with access today?

Madhu: It shows up in the systems they rely on most: databases and Kubernetes.

Teams invest heavily in modernizing their infrastructure. They move to cloud-native platforms, adopt Kubernetes, and automate deployments. However, the access methods for these systems rarely evolve at the same pace. This forces engineers into a frustrating loop where they are:

• Waiting on manual approvals that stall deployment momentum

• Reusing existing credentials to avoid administrative delays

• Working around controls just to get things done

Over time, access becomes a hurdle—something teams tolerate, rather than an enabler of secure, efficient work.

Why are databases such a consistent challenge in this environment?

Madhu: Because while the databases have migrated to the cloud, the methods used to access them are still stuck in the past.

In many environments, access still relies on shared credentials or long-lived standing permissions. This isn’t because teams prefer it; it’s because these legacy methods are faster and more predictable than going through a slower and lengthier request process. But this creates a dangerous trade-off: engineers gain short-term speed, but security teams lose critical visibility. And over time, access expands in ways that are difficult to track or control.

Does Kubernetes introduce even more complexity?

Madhu: Yes—mainly because of how quickly it scales.

As environments grow, access becomes harder to standardize. Permissions are tied to specific roles and configurations that vary across clusters, and temporary access often lingers longer than intended.

Eventually, even simple questions become difficult to answer:

• Who has access to which cluster right now?

• What specific actions are they performing inside the cluster?

That lack of clarity introduces both operational friction and massive security risk.

Why hasn’t this problem been solved yet?

Madhu: Because traditional access models weren’t built for how cloud-native environments operate.

Infrastructure today is dynamic and short-lived, yet access controls remain static and persistent. To avoid slowing teams down, organizations default to granting broader access than necessary—and they rarely revisit these permissions. Over time, this leads to accumulated permissions, limited visibility, and a rapidly expanding attack surface.

What should access look like in a cloud-native environment?

Madhu: It needs to mirror the infrastructure it protects. Modern access should be:

• Just-in-time (JIT): Granted exactly when needed, not always-on

• Identity-driven: Tied to a verified individual, never shared

• Ephemeral: Programmed to automatically expire once the task is complete

Most importantly, it should also integrate naturally into DevOps workflows. Engineers shouldn’t have to think about it, and security teams shouldn’t have to doubt it.

What happens when organizations fail to evolve their access models?

Madhu: Teams start compensating with bad habits. Engineers hold onto access longer than necessary to avoid future friction. Credentials get reused because it’s easier than requesting new ones. What begins as a temporary workaround quietly becomes permanent, creating hidden complexity where:

• Access paths become inconsistent

• Visibility becomes fragmented

• Risk increases without being obvious

Everything continues to work—until there’s an audit, an incident, or a security event that exposes the gaps.

What do security and compliance teams struggle with the most in this scenario?

Madhu: Visibility. In dynamic cloud environments, it is notoriously difficult to piece together a clear, centralized audit trail of who accessed what and what actions were taken—especially when access is spread across multiple different tools and systems. Without centralized visibility, security investigations take longer, audits become more complex, and risk becomes harder to accurately quantify.

How significant is the risk of sticking with the status quo?

Madhu: It’s the primary threat vector we see today. Many recent high-profile incidents highlight a key pattern: attackers rarely exploit infrastructure weaknesses; they exploit simple gaps in identity and access controls. Unmanaged standing privileges are one of the easiest paths in for a threat actor. As your environment scales, so does the potential impact of unmanaged access.

What changes do organizations need to make?

Madhu: They must make a fundamental shift and stop treating access as an afterthought. Access must be treated as a core component of their cloud-native strategy. This means:

• Moving from standing access to a just-in-time access model

• Moving from static credentials to brokered access

• Not settling for fragmented and incomplete visibility, and instead gaining centralized visibility over permissions and access pathways

When access is modernized this way, teams don’t have to choose between speed and security—they get both.

How can organizations realistically operationalize this shift?

Madhu: This is where a solution like BeyondTrust Privileged Remote Access (PRA) comes in. Instead of distributing static credentials or maintaining long-lived access, PRA enables a seamless experience for both sides of the house:

• For Engineers: Session-based, on-demand access to systems like databases and Kubernetes without the friction of manual requests.

• For Security: Just-in-time access that automatically expires, paired with centralized visibility and auditability across all sessions.

With Privileged Remote Access, maintain speed without sacrificing control. Get started with a 14-day trial.