Cloud Infrastructure Entitlement Management (CIEM) takes identity management a step further. First-generation cloud Identity and Access Management (IAM) approaches lack the precision needed to manage today's dynamic, multi-cloud environments. CIEM provides a more granular approach to cope with that complexity: with ephemeral workloads and resources, it manages not just the proliferation of identities, but also the complex matrix of entitlements and permissions that connect identities to data.
On June 29, we hosted a webinar with Eric Kedrosky, Director of Cloud Security Research and CISO of Sonrai Security, as a follow-up to a recently released Gartner research report. While the report shines a light on this new term in cloud security, its primary purpose is to dig into the top CIEM functions. Here we break down some key takeaways from the webinar.
Non-People Identities and Their Entitlements Pose the Greatest Security Risk in the Cloud
Identities and their entitlements, even when they are not directly visible, are the greatest security risk for organizations, and as cloud adoption grows, gaining visibility into your cloud entitlements and data access will only become more complex. According to Gartner, "by 2023, 75% of security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020."
The challenges include a broad mix of people and non-people identities, with non-people identities scaling into the tens of thousands, each with diverse associations that are widely dispersed and decentralized. This creates hidden paths to privileged access. Without ongoing maintenance and management, privileged accounts accumulate long-standing privileges that sit dormant: unused for more than 90 days, or no longer needed at all. On top of these challenges, enterprises struggle to fill technical skills gaps, train their existing staff, and manage multiple cloud environments.
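The "dormant for more than 90 days" problem above is one of the few CIEM findings you can reproduce with a plain script. The Python below is an added example, not code from the webinar or from Sonrai Security: it parses a constructed, invented subset of the columns of an AWS IAM credential report and flags console passwords and access keys that have been idle past a threshold. The user names, ARNs and timestamps are made up, and the fixed `NOW` keeps the output deterministic; the real report has more columns (second access key, MFA, certificates) that the same loop would cover.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample data (not a real report): a subset of the columns of an
# AWS IAM credential report, with invented users and timestamps.
SAMPLE_REPORT = """\
user,arn,user_creation_time,password_enabled,password_last_used,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date
alice,arn:aws:iam::123456789012:user/alice,2021-01-10T09:00:00+00:00,true,2022-06-20T14:00:00+00:00,false,N/A,N/A
build-bot,arn:aws:iam::123456789012:user/build-bot,2020-03-01T00:00:00+00:00,false,N/A,true,2020-03-01T00:00:00+00:00,2022-01-15T03:00:00+00:00
legacy-etl,arn:aws:iam::123456789012:user/legacy-etl,2019-11-05T00:00:00+00:00,false,N/A,true,2019-11-05T00:00:00+00:00,N/A
"""

# Fixed "now" (an assumption) so the example is deterministic.
NOW = datetime(2022, 7, 1, tzinfo=timezone.utc)

# Placeholder values the credential report uses when no timestamp exists.
_NO_VALUE = {"N/A", "no_information", "not_supported", ""}


def _parse_time(value):
    """Return an aware datetime, or None when the report has no timestamp."""
    if value in _NO_VALUE:
        return None
    return datetime.fromisoformat(value)


def find_dormant_credentials(report_text, now=NOW, max_idle_days=90):
    """Flag console passwords and access keys idle longer than max_idle_days.

    A credential that has never been used counts as idle since it was created
    (password) or last rotated (access key): "never used" is the worst case,
    not a reason to skip it.
    """
    cutoff = now - timedelta(days=max_idle_days)
    findings = []
    for row in csv.DictReader(io.StringIO(report_text)):
        checks = []  # (credential name, last-used time, fallback time)
        if row["password_enabled"] == "true":
            checks.append(("password",
                           _parse_time(row["password_last_used"]),
                           _parse_time(row["user_creation_time"])))
        if row["access_key_1_active"] == "true":
            checks.append(("access_key_1",
                           _parse_time(row["access_key_1_last_used_date"]),
                           _parse_time(row["access_key_1_last_rotated"])))
        for credential, last_used, fallback in checks:
            reference = last_used or fallback
            if reference is not None and reference < cutoff:
                findings.append({
                    "user": row["user"],
                    "credential": credential,
                    "never_used": last_used is None,
                    "idle_days": (now - reference).days,
                })
    return findings


if __name__ == "__main__":
    for finding in find_dormant_credentials(SAMPLE_REPORT):
        print(finding)
```

On the sample, `alice` is clean (her password was used 11 days before `NOW`), `build-bot` has an active key unused for 166 days, and `legacy-etl` has a key that was never used since it was created in 2019. The last case is the one teams most often miss, because "never used" shows up as `N/A` rather than an old date.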
To explore this topic further, we spoke with Eric Kedrosky, CISO and Director of Research, and Dave Shackleford, Principal at Voodoo Security, about the big changes happening in the space and how security teams can get ahead of this shift. As context for how important it is to get in front of this, Gartner predicted that through 2021, organizations without a formal program would spend 40% more on IAM capabilities while achieving less than organizations with such programs.
This will only grow as the number of non-people identities increases and their relationships become more complex. Getting ahead of this fundamental shift now is key for organizations, not only to protect their critical data, IP, and infrastructure, but also to reap the benefits of digital transformation. Over-permissioned identities can lead to breaches, but the opposite problem, identities locked down so tightly that legitimate work is blocked, puts a drag on teams and systems and slows the speed and scale of your initiatives.
From Data Centers to People to Non-People Identities
In the data center, the network formed your security boundary, and humans were the primary risk factor. According to our research, non-people identities now outnumber human identities five to one, and they exist in an incredibly complex, diverse matrix of entitlements. Shifting from networks and humans to identities and entitlements is a major change that requires new tools and approaches.
Visibility is Paramount: You Can’t Manage What You Can’t See
What are your identities, and what are their permissions? Among enterprises with large cloud infrastructure, very few have thoroughly inventoried their identities and permissions or mapped their trust relationships. A complete view of the environment is essential to see both existing and potential vulnerabilities and access paths. Limited visibility leads to poor governance and makes management impossible: your data can be accessed, bad actors can gain control of your systems, and a data breach becomes far more likely.
Effective Permissions Are Central to Cloud Infrastructure Entitlement Management (CIEM)
What are your identities, and what are their end-to-end permissions? Mapping and moderating effective permissions, the permissions an identity actually ends up with once every policy that applies to it is combined, is at the heart of CIEM. It forecloses the possibility that bad actors gain access through an over-privileged or dormant identity; if you don't remove the permissions such identities no longer need, you carry unnecessary risk. Cloud environments add complexity, calling for a single solution that delivers the same controls and frameworks across all your cloud environments, regardless of the cloud provider.
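To make "effective permissions" concrete, here is an added Python example (not code from the webinar, the Gartner report or any vendor product) that combines two constructed identity policies the way AWS IAM does for the simplest case: an explicit Deny in any statement wins, any matching Allow grants, and everything else is an implicit deny. The policies, the catalogue of actions and resources, and the `INTENDED` set are all invented for illustration. The evaluator deliberately ignores Condition blocks, NotAction/NotResource, resource-based policies, permission boundaries, SCPs and session policies; in a real account each of those can widen or narrow the result, which is exactly why a CIEM tool has to resolve them all rather than reading one policy document at a time.

```python
import fnmatch

# Constructed sample (not a real account): two policies attached to one identity.
# Policy A is the classic over-broad grant; policy B is a narrow guardrail.
SAMPLE_POLICIES = [
    {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
        ],
    },
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Deny",
                "Action": ["s3:Delete*"],
                "Resource": ["arn:aws:s3:::prod-*", "arn:aws:s3:::prod-*/*"],
            },
        ],
    },
]

# Constructed catalogue of (action, resource) pairs that matter to this workload.
CATALOG = [
    ("s3:GetObject", "arn:aws:s3:::prod-customers/2022/a.csv"),
    ("s3:DeleteObject", "arn:aws:s3:::prod-customers/2022/a.csv"),
    ("s3:DeleteObject", "arn:aws:s3:::dev-scratch/tmp.parquet"),
    ("s3:PutBucketPolicy", "arn:aws:s3:::prod-customers"),
    ("iam:CreateUser", "*"),
]

# What the identity's owner says it is meant to do (assumed for the example).
INTENDED = {("s3:GetObject", "arn:aws:s3:::prod-customers/2022/a.csv")}


def _as_list(value):
    """IAM lets Action, Resource and Statement be a scalar or a list."""
    return value if isinstance(value, list) else [value]


def _matches(pattern, value):
    # IAM wildcards are '*' and '?'; fnmatchcase also honours '[...]', which
    # IAM does not, so this slightly over-approximates for unusual patterns.
    return fnmatch.fnmatchcase(value, pattern)


def evaluate(policies, action, resource):
    """Simplified identity-policy evaluation: explicit Deny beats Allow, and
    anything not explicitly allowed is an implicit deny.

    Not modelled: Condition blocks, NotAction/NotResource, resource-based
    policies, permission boundaries, SCPs and session policies.
    """
    decision = "ImplicitDeny"
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            if "Action" not in stmt or "Resource" not in stmt:
                continue  # NotAction / NotResource statements are skipped here
            # Action names are case-insensitive in IAM; resource ARNs are not.
            action_hit = any(_matches(p.lower(), action.lower())
                             for p in _as_list(stmt["Action"]))
            resource_hit = any(_matches(p, resource)
                               for p in _as_list(stmt["Resource"]))
            if action_hit and resource_hit:
                if stmt["Effect"] == "Deny":
                    return "Deny"
                decision = "Allow"
    return decision


def effective_permissions(policies, catalog):
    """Expand wildcards into the concrete (action, resource) pairs allowed."""
    return sorted(pair for pair in catalog
                  if evaluate(policies, *pair) == "Allow")


def excess_permissions(policies, catalog, intended):
    """Effective minus intended: the entitlements to review or remove."""
    return sorted(set(effective_permissions(policies, catalog)) - set(intended))


if __name__ == "__main__":
    for pair in excess_permissions(SAMPLE_POLICIES, CATALOG, INTENDED):
        print("excess:", *pair)
```

The guardrail in policy B stops deletes in `prod-*` buckets, but the identity can still delete in `dev-scratch` and rewrite the production bucket policy, neither of which its owner intended. Those two pairs are the "effective minus intended" gap the webinar calls over-privilege; the `iam:CreateUser` entry shows the implicit-deny default for anything no policy mentions.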
CIEM, the Security Acronym to Rule Them All
Getting Cloud Infrastructure Entitlement Management (CIEM) right is key for organizations, and not only to protect critical resources and data. Misconfiguration can cause teams to bump heads and break critical infrastructure, or slow down the scale and speed of your initiatives. Too many controls can erode the benefits of the cloud and put an unnecessary grind on your DevSecOps teams and other groups. CIEM actively monitors and moderates identities at the level of entitlements to protect all of your resources, IP, and systems.
To learn more, view the webinar, Cloud Infrastructure Entitlement Management (CIEM): Yet Another Security Acronym.