Addressing the Cloud Permissions Gap with CIEM

There has been a dramatic increase in cloud breaches, and the majority of those breaches were a result of identities and their related entitlements. Traditional security controls and management practices lag behind the flexibility and velocity of the cloud, and tools from cloud providers lack the capabilities to cover the complex needs of global enterprises.

Managing access and permissions in the cloud remains a challenge for most enterprises. Even though many enterprises understand the business value of cloud environments, they have not realized how these infrastructures increasingly place the responsibility on them to manage security risk.

To manage and reduce their attack surface, enterprises have to gain control over all machine and human identities and their access privileges within their cloud environments. This is a challenging task, considering that the number of enabled permissions in a typical enterprise cloud infrastructure can reach millions.

According to Gartner, “by 2023, 75% of security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020.”

In 2020, Gartner added a new category to its 2020 Hype Cycle for Identity and Access Management Technologies – Cloud Infrastructure Entitlement Management (CIEM). This new approach is designed especially for managing access and enforcing least privilege in the public cloud.

This management and enforcement of permissions and entitlements is a key competency of a comprehensive CIEM platform. It helps enterprises design and implement zero-trust architectures in hybrid and multi-cloud environments.

The Cloud Permissions Gap

In many enterprises there is a dangerous delta between permissions granted and permissions used: the cloud permissions gap. CloudKnox Security Research labs have uncovered that more than 95% of privileged identities – both human and machine – within organizations’ cloud infrastructures use less than 2% of their permissions granted.

The cloud permissions gap is a contributing factor to the rise of both malicious and accidental insider threats affecting enterprises of all sizes, as attackers exploit identities with misconfigured permissions and access across an organization's critical cloud infrastructure. This gap is growing larger with every passing day in every cloud environment.

Addressing Cloud Permissions Gap with CIEM

With the help of a CIEM solution, organizations can automatically remove or scope down permissions for over-privileged users, service accounts, and groups. High-risk permissions can then be enabled on demand, with controlled, timed access and an integrated approval workflow, thereby restricting broad access to critical cloud infrastructure resources.

A CIEM solution also enables an organization to migrate from static, assumption-based permission grant processes to a continuous, activity-based permissions management process. This will help the organization to monitor and rectify anomalous identity behavior and unauthorized identities.
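The activity-based comparison described above can be sketched as follows; this is an added example, not code from any CIEM product, showing how granted permissions are split into keep, remove, and on-demand sets from an activity log. The identities, permission names, high-risk list, and 90-day look-back window are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from any real cloud account or provider).
GRANTED = {
    "svc-backup": {"storage:Read", "storage:Write", "storage:Delete",
                   "iam:CreateUser", "compute:Terminate", "kms:Decrypt"},
    "alice": {"storage:Read", "compute:Start", "compute:Stop"},
}
# (identity, permission exercised, timestamp) as an activity log would record it.
ACTIVITY = [
    ("svc-backup", "storage:Read", "2024-05-20T02:00:00"),
    ("svc-backup", "storage:Write", "2024-05-20T02:01:00"),
    ("svc-backup", "storage:Delete", "2023-11-02T09:30:00"),  # outside the window
    ("alice", "storage:Read", "2024-05-18T10:15:00"),
    ("alice", "compute:Start", "2024-05-19T08:00:00"),
    ("mallory", "storage:Read", "2024-05-21T03:00:00"),  # no grant on record
]
HIGH_RISK = {"iam:CreateUser", "storage:Delete", "compute:Terminate"}  # assumed list


def permissions_gap(granted, activity, now, window_days=90):
    """Compare granted permissions with those exercised inside the look-back window."""
    cutoff = now - timedelta(days=window_days)
    used = {}
    for identity, perm, ts in activity:
        if datetime.fromisoformat(ts) >= cutoff:
            used.setdefault(identity, set()).add(perm)
    report = {}
    for identity, perms in granted.items():
        exercised = used.get(identity, set()) & perms
        unused = perms - exercised
        report[identity] = {
            "keep": sorted(exercised),
            "remove": sorted(unused - HIGH_RISK),
            "on_demand": sorted(unused & HIGH_RISK),  # time-bound, approval-gated
            "used_pct": round(100 * len(exercised) / len(perms), 1) if perms else 0.0,
        }
    # Activity from identities with no recorded grant needs investigation.
    unknown = sorted(set(used) - set(granted))
    return report, unknown


if __name__ == "__main__":
    report, unknown = permissions_gap(GRANTED, ACTIVITY, datetime(2024, 5, 22))
    for identity, row in report.items():
        print(identity, row)
    print("unrecognised identities:", unknown)
```

Re-running the comparison on a schedule, rather than once at grant time, is what makes the process continuous: a permission that falls out of the window moves from "keep" to "remove" or "on_demand" on the next pass.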

CIEM can also help the organization remain compliant and secure by restricting access to virtual machines. It can help them automatically remove inbound remote desktop (RDP) and Secure Shell (SSH) access in security groups.

The cloud permissions gap across an organization’s cloud infrastructure is becoming exponentially more dangerous as bad actors exploit those identities to exfiltrate sensitive information from growing attack vectors.

Organizations that strive to prioritize digital transformation and cloud-first strategies can leverage a robust, scalable CIEM platform in their efforts to implement zero-trust architecture.

By instituting best practices for entitlements management and cloud permissions, and by leveraging automated technologies like CIEM that reinforce those best practices, organizations will be able to efficiently protect critical cloud infrastructure resources and identities in their hybrid and multi-cloud environments.