IDSA Introduces CIEM Best Practices
The Identity Defined Security Alliance recently announced their list of Best Practices for Cloud Infrastructure Entitlement Management.
While a mature Identity and Access Management (IAM) program is not required for an identity-centric approach to security, it will definitely improve the effectiveness.
The Identity Defined Security Alliance (IDSA) regularly updates their list of IAM Best Practices including recommended hygiene tips that focus on the people and process, as well as the technology, aspects of an IAM program.
Their most recent addition to the list? Best Practices for Cloud Infrastructure Entitlement Management (CIEM).
CIEM Best Practices according to the IDSA include:
- List and track all identity relationships in your cloud infrastructure.
- Process logs to profile the activity of identities and detect anomalous behavior patterns.
- Integrate the remediation of excessive permissions to existing workflows.
- Manage Just-in-Time access to reduce standing privileges.
To read the full list of Best Practices, visit the IDSA website. CIEM Best Practices are near the end of the page.