Page 99 - Cyber Defense eMagazine April 2021 Edition

Workloads in the cloud are extremely complex. Instrumenting the cloud and routing the resulting flood of alerts to the responsible security teams becomes increasingly challenging. DevOps teams need to understand how quickly these workloads fire off and why automation is required to get the desired result. Teams need to understand the complexity: the intricacies of rules and regulations add complexity of their own in order to reduce risk and increase security, and global restrictions make cloud security more complex still.


In the cloud, Identities, human and non-human, are the new security perimeter. As such, a new approach to security is needed, one that focuses on Identity and data governance. Organizations that have recognized this, and adjusted their strategy, are already seeing the benefits, not just to their security program but also to their overall business. Let's look at some of the challenges they faced and, more importantly, overcame.



Organizations Fail to See the Common Identity Blind Spots

Many organizations fail to recognize the most common Identity management blind spots. Let's start with the highly privileged Identities. While not all users enjoy the same level of access across cloud services and resources, some Identities accumulate high levels of privilege due to their various responsibilities. This means they can move in and out of important accounts relatively unchecked. Examples include managers, software engineers, content professionals, members of the finance team, and more: the unchecked Identities.

Another common blind spot is granting elevated permissions to individual users, which can cause considerable harm. For example, a user may be able to change system configuration settings, share access with other users, or lift sensitive information that can be sold for profit. As such, it is important to err on the side of restricting access.

Lastly, your organization is too slow at de-provisioning. Further problems arise when end users (human Identities) leave an organization without being properly de-provisioned, increasing the likelihood of a catastrophic data breach. Because non-human Identities can also take on a role like a user, an organization may lose visibility into what can be accessed. IT administrators need to have a centralized system in place to control Identities for rapid provisioning and de-provisioning.
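The three blind spots above can be turned into a simple detective check over an Identity inventory. The following is an added example, not code from the article or any vendor: it assumes a constructed inventory of human and non-human Identities with per-account permission grants, an off-boarding date for departed humans, and a human owner for each non-human Identity, and it flags privilege accumulated across accounts, single elevated grants, departed users still holding permissions, and non-human Identities whose owner has left.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Grants treated as privileged in this constructed example (wildcards and
# admin-level actions); a real deployment maps these to provider-specific actions.
PRIVILEGED = {"*", "iam:*", "storage:admin", "config:write"}

@dataclass
class Identity:
    name: str
    kind: str                          # "human" or "non-human"
    permissions: dict                  # account id -> set of permission strings
    departed: Optional[date] = None    # human off-boarding date, None while employed
    owner: Optional[str] = None        # non-human only: the human responsible for it

def privileged_accounts(ident):
    """Accounts in which this Identity holds at least one privileged grant."""
    return sorted(acct for acct, perms in ident.permissions.items() if perms & PRIVILEGED)

def find_blind_spots(inventory, today, grace_days=1):
    """Return (identity, finding, detail) tuples for the blind spots described above."""
    departed = {i.name for i in inventory if i.departed is not None}
    findings = []
    for ident in inventory:
        accts = privileged_accounts(ident)
        if len(accts) > 1:            # privilege accumulated across several accounts
            findings.append((ident.name, "privilege-accumulation", accts))
        elif accts:                   # even a single elevated grant deserves review
            findings.append((ident.name, "elevated-permissions", accts))
        if ident.departed and (today - ident.departed).days > grace_days and ident.permissions:
            findings.append((ident.name, "not-deprovisioned", sorted(ident.permissions)))
        if ident.kind == "non-human" and ident.owner in departed:
            findings.append((ident.name, "orphaned-non-human", [ident.owner]))
    return findings

# Constructed sample inventory and review date (not data from the article).
AS_OF = date(2021, 4, 1)
SAMPLE = [
    Identity("alice", "human", {"prod": {"iam:*"}, "dev": {"*"}}),
    Identity("bob", "human", {"prod": {"storage:read"}, "billing": {"config:write"}}),
    Identity("carol", "human", {"dev": {"storage:read"}}, departed=date(2021, 3, 1)),
    Identity("ci-deployer", "non-human", {"prod": {"storage:admin"}}, owner="carol"),
]

if __name__ == "__main__":
    for finding in find_blind_spots(SAMPLE, AS_OF):
        print(*finding)
```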


Don't Stumble on Your Lack of Cloud Guardrails

An organization's Cloud Service Provider (AWS, Azure, or GCP) offers guardrails that provide strong preventive and detective governance throughout its environment. Guardrails can be used to control system resources and monitor compliance across accounts, organizations, roles, human Identities, and non-human Identities. However, cloud-native guardrails are not enabled by default and can be disabled by system administrators.

Furthermore, these guardrails are often at different stages of maturity and almost always live within their own pane of glass, which makes managing them effectively within a single cloud very difficult. Managing across different clouds? Forget about it! Without guardrails in place, organizations are highly exposed to any number of threats, such as data theft or unauthorized access. While guardrails may vary in scope from organization to organization, or even across different cloud providers, they should always be used.

Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.