Why Cloud Security Risks Have Shifted to Identities and Entitlements
In his recent article for Dark Reading, Ermetic Co-Founder and CEO Shai Morag shares his insights on why cloud security risks have shifted to identities and entitlements. He explains that traditional security tools focus on securing the network perimeter and end up leaving user and service accounts wide open to hackers. Manually tracking cloud-access entitlements […]
By Shai Morag
In his recent article for Dark Reading, Ermetic Co-Founder and CEO Shai Morag shares his insights on why cloud security risks have shifted to identities and entitlements. He explains that traditional security tools focus on securing the network perimeter and end up leaving user and service accounts wide open to hackers.
Manually tracking cloud-access entitlements is labor intensive and time-consuming, so many organizations cut corners or skip it all together and native cloud platform tools fall short on visibility and context into entitlements and activity.
At the same time, IAM tools like identity governance and administration (IGA) and privileged access management (PAM) remain limited by on-prem infrastructures and lack granular, resource-level visibility when moved to the cloud.
Shai offers three steps to securing identities in the cloud:
- Discover all identities, human and machine, that have access to resources as well as their entitlements
- Assess entitlements of specific entities such as IAM roles and groups
- Monitor activity logs of identities and the resources they interact with
