Managing Identities and Entitlements to Mitigate Cloud Security Risks

38
Managing Identities and Entitlements to Mitigate Cloud Security Risks-01

Spurred by digital transformation, as more businesses move to hybrid and multi cloud solutions, the need for management and automation of identities and entitlements will only increase.

Accelerated digital transformation because of the pandemic has blurred the line between the internal network and the public cloud. This has created a much more complex environment that organizations are struggling to secure – and one particularly troublesome area is management of identities and entitlements.

According to Gartner Hype Cycle for Cloud Security, properly protecting and managing identities and entitlements is one of the last remaining barriers to cloud adoption, and recommends organizations to consciously address the risks of the cloud.

Read More: Strategies to Prevent Cyber-Attacks amid COVID 19 Vaccine Rollout

Identity management has been complicated by the various cloud applications available in the market today. Each solution generally creates a security silo where application-specific identities and entitlements are stored. But, cloud adoption has tremendously increased management overhead, making way for credentials to be compromised and increasing the chances of users being assigned excessive entitlements.

Gartner predicts that 75% of cloud security failures  will result from inadequate management of identities, privileges and access, by 2023, up from 50% in 2020.

Most identity and access management (IAM) tools, such as privileged access management (PAM), identity governance and administration (IGA), are mostly limited by on-premises infrastructures. When moved to the cloud, they lack the granular visibility needed to identify and amend access risks and permissions.

Hence, many organizations depend on cloud security tools with limited capabilities over entitlements such as cloud access security brokers (CASB), cloud security posture management (CSPM), and cloud workload protection (CWPP). These are either too broad, or too specialized to attain the insights required to analyze access risk across all identities.

Securing Identities in the Cloud

Securing the cloud infrastructure requires a unified view into all identities to analyze the full stack of access entitlements and privileges and the risks associated with it.

Read More: Key Strategies to Boost the Value of Threat Intelligence in the…

First, it’s important to discover all identities – both human and machine – that have access to resources and their entitlements. It will help expose unused or excessive permissions, internet exposure, misconfigurations, and anomalies.

It also includes the ability to identify privileged identities by type – service, user, third-party applications, and external identity providers. It involves assessing their permissions and risk factors like their capability to manage permissions, modify infrastructure, leak data, escalate privilege, or conduct an investigation. This kind of visibility helps eliminate excessive entitlements and reduce the risk of compromise by either an internal or external threat actor.

The next step involves assessing entitlements of certain entities like IAM roles and groups to analyze if the permissions and access provided are justified or need to be changed. It also needs to go beyond general data and include a detailed list of all the entity’s permissions.

Finally, monitoring activity logs of identities and the resources they interact with is crucial to gain a comprehensive view of the public cloud environment. This can help businesses to gain insights on how entitlements are being used and help them spot suspicious activities.

For more such updates follow us on Google News ITsecuritywire News.