Share this entry
Happen to miss our recent keynote at the CSA CloudBytes on identity and data security? We’ve got you covered. In this post, we’ll break down the top-level cloud security takeaways from our session at the virtual conference.
Brendan Hannigan, CEO and Co-Founder of Sonrai Security was featured on May 26th as a keynote speaker for the multi-day virtual event with focus on transformation to the cloud. Connecting senior executives with research initiatives aimed at educating cloud security professionals, Brendan reviewed the top considerations for organizations migrating to the cloud in our session entitled, “Why Your Cloud Migration Needs a New Approach to Security and Governance.”
Identity and data access complexity are exploding in AWS, Azure, Google Cloud, and Kubernetes. Modern infrastructure is exposing security challenges, some of which previously did not exist in traditional infrastructure stacks. First-generation security tools have proven inadequate, as evidenced by so many novel and wide-reaching breaches. While the cloud has remained typically the most scalable, affordable, and convenient modes of infrastructure, cloud usage comes with a set of considerations that are different when it comes to data and identity security. Unlike the old world, in the cloud, identities are the new perimeter.
Multiple remote accounts, trust relationships, and permission inheritances are a challenge for organizations. If you’re transforming to the cloud, your organization should include each of these four key principles:
- Achieve and maintain least privilege
- Relentless monitoring
- Enable your team to be part of the solution
- Prevent problems and fix any problems fast
Evaluating the risks of identities (people and non-people) across multiple public clouds, containing hundreds of accounts is challenging. Understanding all the effective permissions of individual identity is a problem that cannot be solved by evaluating a single policy or calling an API. To manage this complexity and reduce risk to your identities and data, your organization should have end-to-end visibility into the trust relationships as they truly exist in your environment. Transparency and precision are imperative from a trust and identity perspective.
Always ensure proper governance and identity access management as a prime objective. Should you inherit or discover challenges, implement prevention rules across your cloud and make sure they are monitored and enforced. Whenever migrating progress and changes to production, use prevention bots to ensure checks are in place, and codify into your production rules the critical requirement which mandates that risk policies must be followed. When possible, your organization should apply and restrict the policies governing changes to swimlanes for streamlined accountability governing modification and access – reducing the possibility and scope of risks being created. Simultaneously, you’ll enact a simpler, safer way to diagnose and act on the challenges your organization discovers in its efforts within the new norm of rapidly and constantly evolving infrastructure. Sonrai Security is your trusted partner as you work to transition to the cloud.
For a more comprehensive look at “Why Your Cloud Migration Needs a New Approach to Security and Governance,” check out the hour-long session on-demand at CSA CloudBytes.
THE ARCHITECT
The Newsletter for Cloud Security Leaders. 1x a month.
Get a Comprehensive Cloud Identity Audit
Request Your AuditSonrai cloud security platform, products and services are covered by U.S. Patent Nos. 10,728,307 and 11,134,085, together with other domestic and international patents pending. All rights reserved.