IT’S TIME TO REDEFINE CLOUD SECURITY
The digital era has brought radical changes to the way people work, including accelerating the trend of virtual workplace and remote working. These developments have set in motion a cycle of change in an industry that has resisted disruption for years – enterprise security. True, there is a constant stream of new tools hitting the global market. However, the underlying basis for security technology remains a datacenter-centric model. And, it’s light years away from the reality of the multi-platform, multi-cloud infrastructures that are exploding in front of our eyes. This phenomenon calls for a dismantling of the legacy model for protecting corporate environments and the creation of a second generation of security solutions with all the agility of the cloud environments where they interoperate seamlessly. The digital era is the driver for cloud native security 2.0.
By 2023, 75% of security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020
Source: Managing Privileged Access in Cloud Infrastructure, Paul Mezzera, Gartner, published June 9, 2020
CLOUD PRIVILEGES IGNORED
Even so, the mind-blowing rate at which cloud apps are now being added to enterprise environments has left Security and IT leaders scrambling to enable business users as well as infrastructure admins, and DevOps to remain productive as they work in brand new ways. Data access best practices, like the principle of least privilege, are being ”conveniently” set aside, particularly when setting up remote access to Infrastructure as a Service (IaaS) and cloud apps. At the root of the issue is the fact that existing security solutions fail to map to this brand new cloud reality. So, the priority for Security becomes simply preventing business disruption, i.e. creating an environment where people can, at the very least, continue operating their work processes remotely. It’s not enough.
Maybe as a short-term tactic it’s doing the trick in keeping work flowing. But in the long term, relegating cloud security best practices to the “deal with it later” pile could turn out to be an error of magnitude. Shifting business processes into the cloud at an accelerating rate, as the majority of companies are doing, requires a distinctly different approach than on-premise environments to protect corporate infrastructure, applications, and data.
While it’s tempting for companies to leverage their existing technology investments, adapting legacy security tools to multi-cloud environments forces a datacenter-centric approach to managing cloud access. It invariably results in enterprises spending significant resources trying to secure cloud assets using the same techniques used in datacenters – and settling for considerable security gaps.
The reality is, cloud environments are hyper-converged and service rich, demanding a cloud-native, API– driven approach to cloud security, where access to cloud services is policy driven and automated. One that uses a zero trust security paradigm to keep the attack surface to a minimum, even as the enterprise network grows. More on that soon.
RETHINK PRIVILEGED ACCESS MANAGEMENT
Having recognized the key differences in security requirements of days gone by and what’s needed today it’s time to take action. That includes rethinking privileged access management.
Many companies have already transitioned to an extended, perhaps even permanent, remote working model as a result of the COVID-19 pandemic, which makes it imperative to reassess any security compromises they may have made in getting there. It’s important to ensure new and updated access policies align with accepted security practices. It’s also the right time to prepare for the accelerating pace of multi-cloud adoption.
The first step for security managers is to conduct an audit of existing and recently modified access policies that impact cloud infrastructure and applications. A cloud privilege audit ensures users have the correct privileges and access levels for their role and day-to-day activities. And, no more than they need. Automated tools like Britive’s Cloud Privilege Visibility product, with best practices for cloud privilege management baked in, can accelerate the discovery of security “blind spots” like over-privileged users and machine identities across multiple cloud platforms and applications.
Next, limiting user privileges protects organizations against phishing scams, since privileged users continue to be the main target for phishing. The seriousness of a security breach targeting people with access privileges in critical business applications and infrastructure was on full display recently when Twitter suffered a breach as a result of a spear phishing attack which exposed 130 high profile accounts of prominent politicians and business leaders. This high-profile incident serves as a confronting reminder of the potential consequences of ignoring cloud security best practices for organizations everywhere.
Unfortunately, the current pandemic has also created ideal conditions for such attacks that take advantage of corporate disruption caused by a massive shift to remote work. In fact, the Department of Homeland Security raised the alert on precisely this risk at the onset of the COVID-19 crisis.
EMBRACE AUTOMATION TO ARRIVE AT A STATE OF LEAST PRIVILEGE
Automating the management of privileged access is the next fundamental factor in achieving strong protection in a multi-cloud environment. When budgets become stretched, as they so often do, IT has less money and resources to deliver mission-critical services for business. Again, this can mean security best practices get ignored or take a back seat.
It doesn’t have to be that way. Embracing automation now ensures IT can continue to deliver value, while improving security. When done right, automation can help organizations arrive at a state of least privilege, delivering far greater protection. Standing privileges – perpetual access rights granted to users and applications, leaving ‘doors’ permanently open for misuse – are absolutely avoidable through adopting a dynamic permissioning model.
DYNAMIC PERMISSIONING REDUCES RISK
Deploying Zero Standing Privileges (ZSP) through Britive’s Dynamic Cloud Permissioning Platform quickly reduces risk by minimizing the attack surface exposed through privileged access to critical infrastructure and applications. Dynamic simply means automatically granting access and privileges to users ‘Just-In Time (JIT)’ for only as long as they are needed – then removing or expiring them as soon as the task is complete. Automated dynamic permissioning has the power to address tens to thousands of user and machine access requests simultaneously, at cloud speed.
The term Dynamic Permissioning – referring to the dynamic management of privileged access in a cloud environment – encompasses the automated provisioning of users, roles and groups within your cloud infrastructure and applications, thus reducing the administrative overhead. A notable benefit of cloud identity management automation is that it frees both Security and IT teams to focus on other business critical items, saving valuable time and money.
CISO AND CIO – THE POWER COUPLE
In this age of digital transformation there’s never been a better time for Security and IT teams to band together to strengthen cloud security through audits and automation. Implementing and automating regular audits of roles, privileges and groups highlights areas of risk, misuse and abuse before they get a chance to disrupt the business.
Embracing Zero Standing Privileges through automation further protects privileged users and machine identities from attacks that are becoming too frequent and increasingly more disruptive to digital business.
Multi-cloud native, the Britive platform is ideally suited to helping organizations develop excellent cloud security resilience for weathering cyber attacks and all manner of digital threats, bringing all the advantages of access visibility and governance to cloud infrastructure, IT, DevOps and security teams.
See how the Britive Dynamic Permissioning Platform could deliver best-in-class cloud security for your enterprise by requesting an access and identity security assessment today.