Our team was recently asked for our definition of Privileged Access. The group responded with multiple answers – from Amazon EC2 instance types to local or domain administrative access, and service, emergency, and privileged user accounts – none of which were incorrect. The simple answer that we can all agree on is that it is access to critical business assets that poses a high risk to the organization.
Traditionally, privileged access has been associated with on-premises servers and administrative users. But it applies equally to ‘risky’ access that human and non-human (silicon-based) identities have in cloud infrastructure and applications. This also applies to DevOps tools, continuous integration (CI) and continuous delivery (CD) solutions, cloud workloads, and data stores. Privileged access can span a multi-cloud environment, where different native security frameworks (AWS IAM, Azure RBAC, etc.) add to the burgeoning complexity, given the varied skills required to support these frameworks. Continuous scanning and parsing of the role or permission assignment objects associated with silicon identities is a core design principle adopted to provide deep visibility. Remember, you can’t govern what you can’t discover and identify.
Governance of privileged access looks at who owns and approves high-risk access granted to users, applications, containers, bots, and other identities. The governance decision in the legacy world focused on ‘known’ users, static security policies, or an urgent request, with limited intelligence on the identity and security context in line with the privileged request.
Key strategic moves that organizations are making include providing approved, time-bound, least-privilege access to critical assets that can be monitored and audited. With the real-time discovery of assets continually spun up in the cloud, the Saviynt platform utilizes cloud-native technologies to manage the velocity and scale of these changes. This helps businesses reduce the blast radius and shrink the window in which determined adversaries can exfiltrate data.
Saviynt brings together two key aspects, identity context and privilege context, to provide a consolidated view of risk. This risk insight helps business application and cloud infrastructure teams make informed decisions that address vulnerabilities across user and asset risk. Our integrated approach reduces the attack surface by reviewing the use of persistent shared access and by gaining visibility into misconfigurations and violations (e.g., a virtual machine or a Kubernetes cluster with ports open to the internet). For usability, we provide a comprehensive library of controls, mapped to industry standards, as a centralized risk hub.
Saviynt’s Cloud Privileged Access Management (Cloud PAM) solution also applies next-generation techniques, using password-less access to workloads and applications to thwart the proliferation of passwords or SSH keys. This allows organizations to rethink and control the sprawl of persistent identities required to perform privileged tasks. Saviynt enables organizations to have greater visibility into and control over access risk. Organizations can make well-informed decisions to approve or disapprove access to business-critical assets, and get real-time alerting, monitoring, and remediation for extremely sensitive assets.
Organizations are quickly learning that lifting and shifting on-premises PAM controls and applying them to cloud assets is not enough to address the ever-changing threat landscape. It’s time to rethink your on-premises PAM strategy and bring it to Saviynt’s Cloud PAM.
For a detailed technical review of the Saviynt platform, meet my colleagues at our booth at RSA Conference 2020 in San Francisco.
WHY SAVIYNT? INTELLIGENT ACCESS. SMARTER SECURITY
Saviynt starts with people – who they are and what applications they need – to create a holistic set of identities across the cloud ecosystem. This approach enables customers to govern access for all identities from cradle to grave, providing continuous visibility of access to enforce internal controls that align with regulatory and industry-standard mandates. Saviynt’s cloud-native platform offers flexible deployments, including on-premises only or hybrid/cloud, to match your hybrid ecosystem identity needs.