Google Cloud Platform (GCP)
Manage Identity. Secure Access. Prove Governance
Cloud Flexibility and Shared Responsibility Require Risk Visibility
As organizations turn to cloud providers like Google Cloud Platform (GCP) for the flexibility and speed needed to stay a step ahead, Saviynt delivers identity governance that complements GCP and answer the need for holistic lifecycle management securing access within the cloud.
The mass migration of workloads to cloud providers like GCP exposes organizations to security-pitfalls and identity risks previously unseen in on-premise solutions. Under the Shared Responsibility Model, providers like Google secure access to the cloud, but the challenge of securing access within the cloud falls to customers.
Google Flexibility, Saviynt Security
Securing access within the Google cloud requires an IGA solution built for fine-grained access management and designed to identify security risks within the Google environment. Saviynt’s solution allows organizations to manage Google user accounts, roles, and resources while enabling real-time risk identiﬁcation, and enforces security policies across the Google platform.
Take Control of Identity Governance
Migrating business services and applications to the Google cloud is a logical evolution. The use of GCP creates a “borderless enterprise,” which includes complex information systems housed in the Google cloud with users logging in from onsite and remote networks. This new paradigm necessitates an identity governance solution with a more granular approach to cloud identity management.
Saviynt’s solution brings risk visibility and governance to the Google Cloud Platform. Cloud Identity users and roles are automatically provisioned, maintained, and deprovisioned based upon organizational authoritative sources, such as HRMS feeds. Saviynt also provides an intuitive access request service with access recommendations for users to obtain additional roles or responsibilities. All access request and fulfillment includes risk-based visibility to prevent someone for gaining access which would trigger a Separation of Duty or toxic access violation to help ensure organizational security.
Consolidation, Remediation, Mitigation
Saviynt automates the identification of over 80 risks across the GCP implementation, including resources such as VM, Buckets, Firewall, VPC Network, Kubernetes Engine, and Cloud SQL. Saviynt’s integrated cloud identity access analysis and remediation recommendations enhance the security of Google’s cloud infrastructure. Saviynt supports multiple GCP Organizations, providing a single window to manage users across Google Cloud Identity accounts when they request access to resources created by users from another Cloud Identity account.
Smarter Security within the Google Cloud
Saviynt’s behavioral analytics can be leveraged to detect high-risk activity based on various risk scoring parameters including volume spike, ingress/egress traffic, event rarity, outlier access, policy/control violations, threat intelligence, etc. Saviynt empowers enterprises with a flexible rules engine and Segregation of Duties management capabilities for application and business owners to define, enforce, and manage business and security policies within the Google cloud. For example, a developer cannot perform both development and quality analysis; developers should not have admin access to production instances. The policies combined with a rich dashboard provide a granular view into the security posture of enterprises using GCP, allowing identification of security gaps with ‘actionable’ responses.