Automated JIT Privileged Access Management for Cloud Infrastructure
New Capabilities Streamline Policy Definition, Enforcement and Governance, Enable Self-Service Request Workflows
BOSTON and TEL AVIV, June 22, 2022 -- Ermetic, the cloud infrastructure security company, today announced the Ermetic Platform now enables organizations to automate the process of granting developers and DevOps teams “Just in Time” (JIT) access to cloud infrastructure environments. These new capabilities enable users to request, on a self-service basis, escalation of privileges for a limited time that is customized for their roles and the functions they must perform.
Cloud infrastructure environments are generally spun up and maintained by DevOps and development teams through continuous integration/continuous delivery (CI/CD) pipelines. However, developers occasionally need direct, highly privileged access to production environments for specific activities that include debugging critical issues or deploying a service manually. These all-encompassing access entitlements can introduce significant risk if not revoked when they are no longer needed, since they would provide an attacker with the “keys to the kingdom” if a user’s credentials are stolen or abused.
Gartner®, Inc. recommends: "Embrace privileged access management (PAM) principles of a least privilege approach to cloud entitlements by using cloud infrastructure entitlement management (CIEM) to reduce long-standing privileges and introducing just-in-time (JIT) privilege capabilities." 1
Traditional PAM and identity governance and administration (IGA) solutions created for the data center cannot meet the needs of modern cloud-native infrastructures since they lack the ability to address entitlement granularity and adapt to the changing nature of cloud-based policies. Ermetic is filling the PAM and IGA void in the cloud with the first solution that enables organizations to provide secure and agile JIT access to cloud environments for developers. To ensure a transparent experience for users, Ermetic also integrates with single sign-on (SSO) systems.
“Developers need powerful privileges and entitlements to stand up and manage cloud infrastructures, but these should only be granted in Just in Time fashion, for a limited time and right sized to avoid excessive permissions,” said Sivan Krigsman, Chief Product Officer for Ermetic. “Ermetic has delivered the first cloud-native solution that automates the creation, enforcement and governance of developer access policies with guardrails and an expiration date.”
The Ermetic JIT Solution provides the following capabilities and benefits:
- Policy definition: enables organizations to define who can access an environment, what approvals are required, and what entitlements are permitted. Ermetic’s industry-leading CIEM capabilities, which provide full visibility into permissions in multi-cloud environments, support the creation of very fine-grained policies
- Self-service workflows: a streamlined interface enables developers to easily request access, notify approvers and quickly gain authorized access to required resources
- Automated access control: once access is authorized, Ermetic automatically grants access to the approved resources for the pre-defined period of time, and terminates access and revokes permissions once the window has expired
- Auditing and governance: enables security teams to maintain an audit trail and investigate access activity, including who accessed what and when, who elevated which permissions and when, what the justification was, who the approver was, etc.
The Ermetic Platform with JIT access is available immediately from Ermetic and its business partners worldwide.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Ermetic helps prevent breaches by reducing the attack surface of cloud infrastructure and enforcing least privilege at scale in the most complex environments. The Ermetic SaaS platform provides comprehensive cloud security for AWS, Azure and GCP that spans both cloud infrastructure entitlements management (CIEM) and cloud security posture management (CSPM). The company is led by proven technology entrepreneurs whose previous companies have been acquired by Microsoft, Palo Alto Networks and others. Ermetic has received funding from Accel, Forgepoint, Glilot Capital Partners, Norwest Venture Partners, Qumra and Target Global. Visit us at https://ermetic.com/ and follow us on LinkedIn, Twitter and Facebook.
Marc Gendron PR for Ermetic
1 Gartner, Inc., Innovation Insight for Cloud Infrastructure Entitlement Management, 15 June 2021, Henrique Teixeira, Michael Kelley, Abhyuday Data