Britive’s cloud identity security platform provides entitlement governance and management that improves an organization’s ability to gain visibility and control of human and synthetic entitlements across cloud infrastructure and applications.
Reports cited in this article:
- “Hype Cycle for Workload and Network Security, 2022”
- “Emerging Tech: CIEM Is Required for Cloud Security and IAM Providers to Compete”
According to Gartner’s recent “Hype Cycle for Workload and Network Security” report, cloud infrastructure entitlement management (CIEM) is ‘emerging’ as a highly valuable tool for organizations that operate in cloud or hybrid environments.
One reason for the hype is CIEM’s strong business impact, particularly in its fast time to value in mitigating identity risks.
As human and synthetic identities proliferate in the cloud, the complexity of managing permissions grows. But using cumbersome security tools that slow DevOps is not ideal when speed and agility are key business drivers.
CIEM helps organizations bridge the gap between business and security by balancing identity-first security and the access builders need to develop and deliver at the speed of automation.
What’s more, according to Gartner’s analysis, CIEM streamlines audit and compliance, and improves privileged access management (PAM) and identity governance and administration (IGA) processes.
CIEM provides insights into entitlement anomalies, standing privileges, and elevated permissions, as well as other identity and entitlement-related analytics. Unchecked entitlements give attackers a foot in the door and increase your attack surface.
Entitlements increase as companies scale in the cloud, and the problem gets harder in multicloud. Because each cloud environment is a unique entity with its own set of security tools, maintaining visibility and control over human and synthetic identities and entitlements quickly becomes unmanageable. Organizations need ways to visualize and manage the granular and dynamic nature of cloud entitlements. CIEM helps solve this problem.
The Hype Cycle Report cites several forces driving CIEM’s rise:
- Synthetic identities (machine, service, workloads, etc.) outnumber humans by a large margin: “It is estimated that 88% of users and roles in the cloud are machine identities, not human.”
- 78% of cloud accounts contain exposed S3 buckets, and 36% of S3 buckets are open to the public.
- 70% of environments had machines publicly exposed and linked to identities whose permissions could be exploited for performing ransomware attacks.
- 80% of accounts in cloud infrastructure are inactive.
- Through 2023, Gartner estimates that at least 99% of cloud security failures will be the customer’s fault.
Given that last statistic, it would be logical to assume that a cloud organization would do its utmost to ensure a self-inflicted compromise did not happen. But as we mentioned above, security and business often struggle in a tug-of-war over which objectives to put first.
In most cases, an organization will either lean toward security or toward business. Historically, it’s been difficult to strike a balance that supports both functions. As a result, expect Gartner’s prediction to come true. After all, companies don’t move to multicloud environments to beef up security; they go to collaborate and increase velocity.
The good news is that with CIEM’s ascendance, customers have more options for driving business while meeting best practices for cloud infrastructure entitlement management.
Keep in mind that CIEM is just emerging. But the market is warming to the idea, sees its value, and “inquiries into Gartner on CIEM have increased significantly in the past year.”
Gartner recommends that companies use CIEM as part of a broader IAM strategy and to “prioritize investment into CIEM capabilities for protecting multicloud IaaS.”
They also suggest:
- Use CIEM’s advanced analytics for simplifying dynamic privilege management with reduced manual input.
- Leverage CIEM in DevSecOps and infrastructure as code, using its ability to provide visibility into unnecessary privileges and to refine policies without disrupting developer flows.
The “Emerging Tech: CIEM Is Required for Cloud Security and IAM Providers to Compete” report includes Britive as a sample provider.
According to the report, “One key use case for CIEM offerings is graphical visualization of access rights and entitlements across multicloud environments. This allows organizations to get a granular view of entitlements associated with a particular identity. Other use cases also include rightsizing permissions, anomaly detection in user entitlements leveraging advanced analytics and compliance automation.”
This takeaway neatly summarizes why CIEM is quickly becoming a key technology in any organization’s cloud identity security posture. Businesses need people and technology to grow. CIEM helps secure both.
Britive welcomes the shift—the functionality sits squarely in our wheelhouse. Our cloud identity security platform provides customers with unified access across all cloud infrastructure and platform services (CIPS), meaning teams gain visibility and control to protect human and machine identities and entitlements wherever and whenever they need to complete mission-critical tasks.
- Control privileged entitlements and secrets for human and machine identities
- Make business decisions based on activity analytics
- Stay in front of threats with real-time reporting
In short, we help secure your identities and privileges so your business can move as fast as the cloud.
If you’re ready to learn more, check out a Britive platform demo.