Page 123 - Cyber Defense eMagazine for July 2020
P. 123

picture of access in the cloud and working toward least privileged access are difficult , but necessary
            endeavors  to  ensure  security  in  the  cloud.  In  the  last  couple  months,  plenty  of  enterprise  security
            professionals have realized that cloud identity and access management (IAM) is an area where they are
            vulnerable because they lack insight into the complex problem.


            The repercussions of poor IAM governance are substantial and sometimes unpredictable. For example,
            last year a former AWS employee accessed over 100 million Capital One customers’ records after she
            bypassed a misconfigured web application firewall, then used privileged escalation to access the data.
            To protect the identity perimeter at scale, organizations need an automated monitoring and remediation
            solution for access management, role management, identity authentication and compliance auditing – all
            of which help enterprise security teams stay ahead in this complex landscape. Even once this pandemic
            subsides, we will continue to see a great emphasis placed on cloud IAM, especially as organizations
            continue to encourage remote work.”






            About the Author

            Chris is the VP of Technology, Cloud Security Practice at DivvyCloud
            by  Rapid7.  He  is  a  technical  pioneer  whose  passion  is  finding
            innovative and elegant new ways to deliver security, compliance and
            governance  to  customers  running  at  scale  in  hybrid  cloud
            environments. He remains deeply technical, writing code and diving
            into the latest technologies and services being deployed by partners
            like Amazon, Microsoft, Google, VMware, and OpenStack.
             Before  co-founding  DivvyCloud,  Chris  was  the  Online  Operations
            Manager  at  Electronic  Arts  for  the  Mythic  Studio  where  he  helped
            design,  build  and  operate  large  scale  cloud  infrastructure  spanning  public  and  private  clouds  to  run
            Electronic Art’s largest online games (including Warhammer Online: Wrath of Heroes and Warhammer
            Online:  Age  of  Reckoning).  He  started  his  career  as  a  Network  &  System  Administrator  at the  U.S.
            Department of Energy where he was mandated with a broad array of technical responsibilities including
            security and compliance.
            Chris earned his Bachelor of Business Administration in Computer Information Systems from James
            Madison University.
















            Cyber Defense eMagazine –July 2020 Edition                                                                                                                                                                                                                         123
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.
   118   119   120   121   122   123   124   125   126   127   128