Page 54 - Cyber Defense Magazine RSA Edition for 2021
machine identity executes an action it has never performed on a resource that it has never
accessed, chances are someone is misusing the credentials.
The Cloud Permissions Gap exposes organizations to highly exploitable risk and, at the same time, prevents
them from implementing and managing Zero Trust policies. This is why enterprises adopting cloud-first
strategies must adopt a multi-cloud entitlements and permissions management platform that provides
comprehensive visibility, automated remediation, continuous monitoring and compliance reporting.
How to close the Cloud Permissions Gap with CIEM
Cloud Infrastructure Entitlement Management (CIEM) is the next generation of solutions for managing access
and enforcing least privilege and Zero Trust access in the cloud. Delivered as SaaS, a CIEM platform deploys
in minutes and is fully operational in 24 hours or less. Here are three ways CIEM can help organizations
secure their cloud infrastructure right now:
1. Leverage activity-based authorization to right-size permissions of identities.
With a CIEM solution, the organization automatically removes or scopes down the permissions of
over-privileged users, service accounts and groups, based on the actions each identity has actually
performed. High-risk permissions are then granted on demand, with time-bound access through an
integrated approval workflow, so that broad standing access to critical cloud infrastructure resources is
eliminated.
2. Identify, improve and monitor Identity and Access Management (IAM) hygiene continuously.
A CIEM solution allows the organization to migrate from static, assumption-based permission grant
processes to continuous, activity-based permissions management, helping it to monitor, alert on and
remediate anomalous identity behavior as well as unauthorized identities and roles.
3. Implement automated, continuous compliance and reporting.
To remain compliant and secure, it is essential that organizations restrict access to virtual
machines. CIEM can help by automatically removing inbound Secure Shell (SSH) and Remote Desktop
Protocol (RDP) rules from security groups. Organizations leveraging CIEM can also adopt best
practices such as enabling multi-factor authentication (MFA) for all identities with console access;
rotating credentials and managing keys regularly; and automating custom risk reports across all
accounts against NIST SP 800-53, the CIS Benchmarks and the AWS Well-Architected Framework to drive
compliance.
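The first two ways above, activity-based right-sizing and flagging of anomalous identity behavior, can be shown on a handful of CloudTrail-style events. The Python below is an added example written for this page, not code from the original article or from any CIEM product; the role ARN, the granted action set, the high-risk action list and the events are all constructed for the example.

```python
# Added example (not code from the original article): activity-based
# right-sizing and anomaly detection over constructed CloudTrail-style
# events. The identity ARN, granted actions, high-risk list and resource
# ARNs below are assumptions made up for the example.
from collections import defaultdict

ROLE = "arn:aws:iam::111122223333:role/deploy-role"

# Permissions the role holds today (constructed). In practice this is the
# effective policy: attached and inline policies plus permission boundaries.
GRANTED = {
    ROLE: {"s3:GetObject", "s3:PutObject", "s3:DeleteBucket",
           "iam:PassRole", "ec2:DescribeInstances"},
}

# Actions treated as high-risk here (assumption); a real catalogue is larger.
HIGH_RISK = {"s3:DeleteBucket", "iam:PassRole", "iam:CreateAccessKey"}

# Constructed 90-day activity window as (identity, action, resource) tuples.
HISTORY = [
    (ROLE, "s3:GetObject", "arn:aws:s3:::app-artifacts/*"),
    (ROLE, "s3:PutObject", "arn:aws:s3:::app-artifacts/*"),
    (ROLE, "ec2:DescribeInstances", "*"),
]

# Constructed newer events to evaluate against that baseline.
NEW_EVENTS = [
    (ROLE, "s3:GetObject", "arn:aws:s3:::app-artifacts/*"),   # routine
    (ROLE, "s3:GetObject", "arn:aws:s3:::customer-pii/*"),    # known action, new resource
    (ROLE, "s3:DeleteBucket", "arn:aws:s3:::customer-pii"),   # never done, never touched
]


def build_baseline(events):
    """identity -> action -> set of resources that action was used on."""
    baseline = defaultdict(lambda: defaultdict(set))
    for identity, action, resource in events:
        baseline[identity][action].add(resource)
    return baseline


def resources_touched(baseline, identity):
    """Every resource the identity has accessed, across all actions."""
    return set().union(*baseline.get(identity, {}).values())


def permission_gap(identity, granted, baseline):
    """Split granted permissions into used and unused, calling out the unused
    high-risk ones: those are the candidates to remove and put behind an
    approval workflow instead of leaving them standing."""
    used = granted[identity] & set(baseline.get(identity, {}))
    unused = granted[identity] - used
    return {"used": sorted(used),
            "unused": sorted(unused),
            "unused_high_risk": sorted(unused & HIGH_RISK)}


def right_sized_policy(identity, granted, baseline):
    """IAM-style policy document allowing only the observed actions, each
    scoped to the resources it was actually used on. Unused actions drop out."""
    statements = []
    for action, resources in sorted(baseline.get(identity, {}).items()):
        if action not in granted[identity]:
            continue  # in the log (e.g. an AccessDenied call) but never granted
        statements.append({"Effect": "Allow", "Action": [action],
                           "Resource": sorted(resources)})
    return {"Version": "2012-10-17", "Statement": statements}


def flag_anomalies(new_events, baseline):
    """An identity performing an action it has never performed on a resource
    it has never accessed (the pattern the article describes) is flagged high;
    partial novelty (new action or new resource) is flagged medium for triage."""
    findings = []
    for identity, action, resource in new_events:
        new_action = action not in baseline.get(identity, {})
        new_resource = resource not in resources_touched(baseline, identity)
        if new_action and new_resource:
            severity = "high"
        elif new_action or new_resource:
            severity = "medium"
        else:
            continue
        findings.append({"identity": identity, "action": action,
                         "resource": resource, "severity": severity})
    return findings


if __name__ == "__main__":
    baseline = build_baseline(HISTORY)
    print(permission_gap(ROLE, GRANTED, baseline))
    print(right_sized_policy(ROLE, GRANTED, baseline))
    for f in flag_anomalies(NEW_EVENTS, baseline):
        print(f["severity"], f["action"], f["resource"])
```

On this input the two unused high-risk permissions (iam:PassRole and s3:DeleteBucket) are the ones to remove and re-grant on demand, and the later s3:DeleteBucket call against a bucket the role has never touched is exactly the never-performed-on-never-accessed pattern that should page someone.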
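For the third way, the Python below is an added example, again written for this page and not the article's or any product's code, that runs two of the hygiene checks just described over constructed input: stripping inbound SSH and RDP exposure from a security group, and flagging console users without MFA and access keys past a rotation age. Two scoping choices are assumptions of the example rather than claims of the article: the security group check targets sources open to the whole internet (0.0.0.0/0 or ::/0) rather than every SSH/RDP rule, and the rotation threshold is 90 days. The security group dictionary follows the shape that boto3's describe_security_groups returns and the user rows follow the IAM credential report columns, but both are constructed inline, not fetched.

```python
# Added example (not code from the original article): security group and
# credential hygiene checks over constructed input. Group ID, CIDRs, user
# names, dates and the 90-day threshold are assumptions made up here.
from datetime import datetime, timedelta, timezone

REMOTE_ADMIN_PORTS = {22, 3389}                    # SSH, RDP
ANYWHERE = {"0.0.0.0/0", "::/0"}                   # open to the internet
KEY_MAX_AGE = timedelta(days=90)                   # rotation threshold (assumption)
NOW = datetime(2021, 5, 1, tzinfo=timezone.utc)    # fixed clock so results are reproducible

# Constructed security group in the shape boto3's describe_security_groups returns.
SECURITY_GROUP = {
    "GroupId": "sg-0123456789abcdef0",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,            # SSH from VPC and from anywhere
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}, {"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,          # HTTPS, not in scope
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,        # range silently covers 3389
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "-1",                                            # all traffic from anywhere
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    ],
}


def rule_covers_remote_admin(rule):
    """True if the rule's protocol and port range include SSH or RDP.
    Protocol -1 means all traffic, so every port is covered."""
    if rule["IpProtocol"] == "-1":
        return True
    if rule["IpProtocol"] != "tcp":
        return False
    lo, hi = rule["FromPort"], rule["ToPort"]
    return any(lo <= port <= hi for port in REMOTE_ADMIN_PORTS)


def remediate_security_group(sg):
    """Return (kept_rules, revoked). revoked lists (protocol, from, to, cidr)
    tuples to revoke. Only the offending source ranges are stripped, so a rule
    that also allows an internal CIDR or a security-group source keeps that part."""
    kept, revoked = [], []
    for rule in sg["IpPermissions"]:
        if not rule_covers_remote_admin(rule):
            kept.append(rule)
            continue
        ports = (rule["IpProtocol"], rule.get("FromPort"), rule.get("ToPort"))
        v4 = [r for r in rule.get("IpRanges", []) if r["CidrIp"] not in ANYWHERE]
        v6 = [r for r in rule.get("Ipv6Ranges", []) if r["CidrIpv6"] not in ANYWHERE]
        revoked += [ports + (r["CidrIp"],) for r in rule.get("IpRanges", []) if r["CidrIp"] in ANYWHERE]
        revoked += [ports + (r["CidrIpv6"],) for r in rule.get("Ipv6Ranges", []) if r["CidrIpv6"] in ANYWHERE]
        if v4 or v6 or rule.get("UserIdGroupPairs") or rule.get("PrefixListIds"):
            kept.append({**rule, "IpRanges": v4, "Ipv6Ranges": v6})
    return kept, revoked


# Constructed rows using the IAM credential report column names needed here.
CREDENTIAL_REPORT = [
    {"user": "alice", "password_enabled": "true", "mfa_active": "true",
     "access_key_1_active": "true", "access_key_1_last_rotated": "2021-04-20T10:00:00+00:00"},
    {"user": "bob", "password_enabled": "true", "mfa_active": "false",
     "access_key_1_active": "false", "access_key_1_last_rotated": "N/A"},
    {"user": "ci-bot", "password_enabled": "false", "mfa_active": "false",
     "access_key_1_active": "true", "access_key_1_last_rotated": "2020-11-01T10:00:00+00:00"},
]


def credential_findings(rows, now=NOW):
    """Console users without MFA, and active access keys older than KEY_MAX_AGE."""
    findings = []
    for row in rows:
        if row["password_enabled"] == "true" and row["mfa_active"] != "true":
            findings.append((row["user"], "console access without MFA"))
        rotated = row["access_key_1_last_rotated"]
        if row["access_key_1_active"] == "true" and rotated != "N/A":
            if now - datetime.fromisoformat(rotated) > KEY_MAX_AGE:
                findings.append((row["user"], f"access key older than {KEY_MAX_AGE.days} days"))
    return findings


if __name__ == "__main__":
    kept, revoked = remediate_security_group(SECURITY_GROUP)
    print("revoke:", revoked)
    print("keep:", [(r["IpProtocol"], r.get("FromPort"), r.get("ToPort")) for r in kept])
    print("credential findings:", credential_findings(CREDENTIAL_REPORT))
```

Revoking at the source-range level rather than dropping whole rules keeps the internal 10.0.0.0/8 SSH path intact while the open one goes; the 3000-4000 range shows why port ranges must be checked for containment rather than matched on equality. The all-traffic rule is the one case where revoking its open source removes every port, so whatever ports are genuinely needed have to be re-added explicitly afterwards.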