Sonrai Security website logo for identity and data governance and cloud security

VMblog Expert Interview: Getting Ready for CloudBytes Connect with Sonrai Security

Author: Sonrai Security Marketing | Date: May 20, 2020
Read Time: < 1 minute
Skill Level: Learner
Skill Level: Learner

View article in it's entirety on

From "Identity and data access complexity is a ticking time bomb in your public cloud. Tens of thousands of short compute pieces, thousands of roles, and a dizzying array of interdependencies and inheritances. If you think about it, you have admins that get access to data stores in your environment. Just as the old world, but this is just the beginning in the cloud world. Then, there are service principles, roles, keys. It's what you use every day to build dynamic workloads. If you're using a secret store (like HashiCorp Vault) and want to bring your keys, that's another level of indirection.

It's not about just people anymore. For your cloud, the vast majority of identities are not people's identities. A serverless function, a container, a VM. They have rights too. In addition to specific rights associated with computing or users, a group of policies also convey rights. And of course, cloud security services have access rights too. All of this can be controlled, adjusted, or over-written through global restrictions and resource policies like Amazon's SCP.

Now multiple this by 100 or 1000 and add cloud accounts and subscriptions with Trust Relationships and Permission Inheritance, and you have a ticking time bomb in your cloud. This is why we see data breaches every day.

Sonrai Dig, our enterprise identity and data security platform, de-risks your cloud by finding these holes, helping you fix them, and preventing those problems from occurring in the first place."

You Might Also Like

New CISO Priorities of 2020

CISO priorities have quickly adapted in this new work-from home era; we have seen a drastic shift in direction amon[...]

Read More

Cloud Security Considerations for AWS, Azure, & Google

With the rise of the cloud, data security has changed dramatically. Older data security models based on fortified p[...]

Read More

Data Breach Is Result Of A Failed Cloud Security Strategy

In mid January 2020, one of the largest hotel conglomerates in the world experienced a massive data breach. Over 5.[...]

Read More