Page 54 - Cyber Defense Magazine RSA Edition for 2021

machine identity executes an action it has never performed on a resource that it has never
accessed, chances are someone is misusing the credentials.


            The Cloud Permissions Gap exposes organizations to highly exploitable risk combined with the inability
            to implement and manage Zero Trust policies. This is why enterprises adopting cloud-first strategies must
            leverage a multi-cloud entitlements and permissions management platform that provides comprehensive
            visibility, automated remediation, continuous monitoring and compliance.



            How to close the Cloud Permissions Gap with CIEM


            CIEM is the next generation of solutions for managing access and enforcing least privilege and Zero
            Trust access in the cloud. With the benefit of a SaaS offering that deploys in minutes with full up-and-
            running capabilities in 24 hours or less, here are three ways CIEM can help organizations secure their
            cloud infrastructure right now:



               1.  Leverage activity-based authorization to right-size permissions of identities.

                   To accomplish this, the organization empowered by a CIEM solution would remove or scope down
                   permissions for over-privileged users, service accounts and groups automatically. Then it would
                   enable high-risk permissions on demand with controlled timed access using an integrated
                   approval workflow, restricting broad access to critical cloud infrastructure resources.

               2.  Identify, improve and monitor Identity and Access Management (IAM) hygiene
                   continuously.

                   A CIEM solution allows the organization to migrate from static, assumption-based permission
                   grant processes to continuous, activity-based permissions management processes—helping the
                   organization to monitor, get alerts and remediate anomalous identity behavior, unauthorized
                   identities and roles.

               3.  Implement automated, continuous compliance and reporting.

                   To remain compliant and secure, it is essential that organizations restrict access to virtual
                   machines. CIEM can help by removing inbound Secure Shell (SSH) and remote desktop (RDP)
                   access in security groups automatically. Organizations leveraging CIEM can also adopt best
                   practices, such as enabling multi-factor authentication (MFA) for all identities with console access;
                   rotating credentials and managing keys regularly; and automating custom risk reports across all
                   accounts using NIST 800-53, CIS Benchmarks and AWS Well-Architected reporting to drive
                   compliance.
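
The activity-based right-sizing in item 1 and the "never performed, never accessed" signal described at the top of the page can be sketched as follows. This is an added example, not code from the article or from any CIEM product; the identities, events, and the `HIGH_RISK` list are constructed assumptions.

```python
# Constructed sample data (not from the article): permissions granted to each
# identity, and a baseline window of observed (identity, action, resource) events.
GRANTED = {
    "svc-backup": {"s3:GetObject", "s3:PutObject", "s3:DeleteBucket", "iam:PassRole"},
    "alice": {"ec2:DescribeInstances", "ec2:TerminateInstances"},
}
BASELINE = [
    ("svc-backup", "s3:GetObject", "bucket/logs"),
    ("svc-backup", "s3:PutObject", "bucket/backups"),
    ("alice", "ec2:DescribeInstances", "instance/web-1"),
]
HIGH_RISK = {"s3:DeleteBucket", "iam:PassRole", "ec2:TerminateInstances"}  # assumed
EMPTY = {"actions": frozenset(), "resources": frozenset()}

def build_profile(events):
    """Map each identity to the actions it has used and the resources it has touched."""
    profile = {}
    for identity, action, resource in events:
        seen = profile.setdefault(identity, {"actions": set(), "resources": set()})
        seen["actions"].add(action)
        seen["resources"].add(resource)
    return profile

def right_size(granted, profile):
    """Split each identity's grants into used (keep) and unused (revoke)."""
    plan = {}
    for identity, perms in granted.items():
        used = profile.get(identity, EMPTY)["actions"]
        plan[identity] = {
            "keep": sorted(perms & used),
            "revoke": sorted(perms - used),
            # unused high-risk grants come back only through timed approval
            "on_demand": sorted((perms - used) & HIGH_RISK),
        }
    return plan

def classify(event, granted, profile):
    """Classify a new event against the grants and the activity baseline."""
    identity, action, resource = event
    if action not in granted.get(identity, set()):
        return "denied"
    seen = profile.get(identity, EMPTY)
    new_action = action not in seen["actions"]
    new_resource = resource not in seen["resources"]
    if new_action and new_resource:
        return "alert"   # never-performed action on a never-accessed resource
    if new_action or new_resource:
        return "review"
    return "normal"
```
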






