Securing Non-Human Identities in AWS and Azure (Part 1)

Identities in a modern enterprise public cloud deployment are innumerate and critical to securing your data. Non-person identities – like servers, VMs, serverless functions, applications, etc. – are being created at a rapid pace, sometimes by services without a person ever involved.

Cloud providers like Azure, AWS, and GCP have given us tools to help govern access, but they can be made insecure by simple configuration errors or omissions – and they’re very different approaches, creating complexity for multi-cloud deployments. Governance requires a new approach that meets this new reality of ephemeral compute and complex webs of permission combinations.

This is the first in a two-part series on non-person identities. This session, we discuss:

• What we mean by non-person identities
• What problems these identities cause
• Best practices for managing them
• Immediate steps anyone can take today to secure the identities