The ‘Achilles Heel’ of Cloud Security: Standing Access Privileges
Ermetic co-founder and CBO Arick Goomanovsky explains how JIT access can help security pros more effectively manage cloud security
In his latest article for SCMedia, Ermetic co-founder and CBO Arick Goomanovsky takes a look at the security risks associated with standing access privileges — continuous and persistent permissions granted to specific resources, which can serve as entry points for cyberattacks. Arick explains the benefits of Just-in-Time (JIT) access, where privileges are granted only for the necessary time to perform tasks, as a more secure alternative.
The complexity of managing permissions in cloud environments with numerous identities and resources makes security challenging. Zero Standing Privileges (ZSP) may not be feasible, as users require access to systems and data for business productivity. In the article, Arick explains the benefits of implementing JIT access through automation to grant time-limited elevated privileges on an as-needed basis. This approach, coupled with a cloud infrastructure entitlement management (CIEM) layer, provides better control over permissions and reduces the attack surface, enhancing security without hindering business operations.
