Securing Privileged Access in the cloud is challenging because of the cloud's ephemeral nature, and it requires a different approach than securing a traditional on-premises environment. It requires an understanding of the various conduits, or channels, through which Privileged Access can be gained, as well as the challenges in securing each of those conduits.
Let’s go through these conduits and the security challenges of using each:
Conduit #1 – Management Consoles are a primary conduit where users gain Privileged Access to native cloud services.
Conduit #2 – Native Command Line Interfaces (CLI) and API Calls represent the conduit through which applications, service accounts and both human and non-human identities consume cloud services. Access assignments to these types of accounts are often static, and monitoring their usage is difficult due to the lack of session uniqueness.
Conduit #3 – Serverless Functions, available through AWS Lambda and Azure Functions, are heavily used by organizations to automate and operate their cloud functions without human intervention, which often requires these functions to execute under a privileged context. Monitoring serverless functions can be challenging due to the sheer volume and velocity of their activities. Determining and ensuring that serverless functions follow the principle of least privileged access is extremely complex, time-consuming and expensive.
Conduit #4 – Local Workloads including Virtual Machines, Containers and Managed Databases
Managing the lifecycle of access on workloads such as virtual machines, databases (AWS RDS or Azure DB), Docker containers, etc. is essential, but difficult to achieve.
Stay tuned for the second part of my blog, which goes into design/architecture principles for addressing the issues discussed above and how Saviynt enables organizations to manage and monitor privileged access in the cloud. If you have any questions, please reach out to me at Vibhuti.sinha@saviynt.com.