Cloud Infrastructure Entitlement Management: Yet Another Security Acronym
Eric Kedrosky, CISO & Director of Research, Sonrai Security
In the effort to keep your cloud secure, are you monitoring all your cloud identities – person and non-person – and their entitlements? Probably not, as gaining effective visibility into your cloud is notoriously complex. That lack of visibility and control over identity access and entitlements to your resources and assets is almost surely putting your crown-jewel resources and cloud security posture at risk.
Analysts, like Gartner and Forrester Research, see the ability to govern identities and mitigate risk as essential for any enterprise with a large cloud infrastructure footprint. “Cloud Infrastructure & Entitlement Management” (CIEM) is what’s proposed to tackle this problem.
Yes, yet another acronym. We’ll decode where it overlaps with existing solutions (like CSPM), what’s truly new about it, and what security concepts it addresses are most important.
Sonrai Security CISO, Eric Kedrosky, is joined by security veteran David Shackleford (Founder & Principal of Voodoo Security) to parse through the hype and figure out why identity security is becoming more critical to the public cloud.