Cloud Secure Series: Preparing us for AWS re:Invent

Leading up to AWS re:Invent, Saviynt will be sharing 8 security dimensions that will help get your cloud infrastructure Cloud Secure. Whether you are migrating your critical workloads to IaaS providers, like AWS, security and compliance remain at the forefront of any organization’s implementation plans.

Strategizing and implementing Access Governance for IaaS services, devOps tools and CI/CD processes requires a deep understanding of their native security model and an intelligent system which could highlight the security gaps and provide visibility on access exposure across these platforms in a single pane of glass.

This brings us to our first Cloud Secure Issue: Getting a ”consolidated access view” is fundamental to access governance. AWS a leading IaaS provider, with its robust IAM framework, provides access permissions to Identities or AWS services via JSON-based AWS IAM policies and roles which are often in large numbers. Saviynt retrieves fine-grained access information on AWS resources by ingesting and parsing JSON based IAM policies and role objects and creates a consolidated access view across AWS accounts.

Consolidated access view provides administrators/infrastructure owners an insight into “who” has access to “what” or “how many high privileged users/roles/policies exist in their AWS accounts?” These security controls provide the overall Access Exposure on critical workloads in the ecosystem

Access visibility is further augmented by understanding “How” the access is provided and its “Context.” With this “single pane of glass” view, administrators can detect access exposure, prevent potential data breaches due to unauthorized or privileged access and above all adhere to the principle of least privileged access in their IaaS environments. Join us here tomorrow as we discuss the next tip for making your infrastructure Cloud Secure!

Vibhuti Sinha

About author

As Saviynt's Chief Cloud Officer, Vibhuti Sinha, is the owner of Saviynt's cloud platform and products of Saviynt. As the owner of Saviynt's cloud platform, he is responsible to deliver Saviynt's IGA and cloud security offerings as services to its customers across the globe. He is also responsible for the strategy and innovation of products to secure various cloud providers, cloud applications and platforms. He has 16+ years of experience in defining security vision and roadmap, building security solutions, defining IAM strategy and implementing large scale security platforms for Fortune 500 organizations.

Leave a Reply

Your email address will not be published. Required fields are marked *