What’s the best way to navigate least privilege complexities in a multi-cloud environment? And how is the role of identity management evolving? Jeff Moncrief from Sonrai Security spoke on the Cloud Security Podcast with Ashish Rajan on why identity is the new network in the cloud-driven world. We speak about the challenges of implementing least privilege in cloud environments, the misconceptions surrounding identity roles, and the critical importance of segmenting access across public clouds just as rigorously as we did on-premises.
Questions asked
00:00 Introduction
03:01 How is identity different in the Cloud?
05:40 Misconceptions about least privilege in the cloud
08:50 Cloud Native solutions for Permission Attack Surface Management
15:36 Common themes when addressing privilege in Cloud
17:22 Starting point when dealing with identities
20:03 Frameworks when working through least privilege
23:21 Showing ROI on doing least privilege
Perimeter solutions cannot protect your cloud data and applications once your environment is breached. Securing cloud access by managing identities and their permissions, can. Follow this real-life attack path scenario and see how managing identity and privilege could have prevented a full blown breach.
