IDC: Cloud Rights and Access Management Leading Security Risk
06.08.2021
the critical importance of detecting over-permissions in the cloud, writes Sivan Krigsman, chief product officer and co-founder of Ermetic, on eWeek.
The flexibility of public clouds allows customers to provision resources at the click of a button, launch containers based on dynamic scaling requirements, and more. A typical public cloud deployment can quickly become a vast maze of interconnected machines, users, applications, services, containers, and microservices.
Therefore, monitoring, assessing risks, and defining access and permission policies for multiple machines (applications, services, etc.) and human identities is a huge task, especially as more organizations adopt a multi-cloud computing strategy.
Some of the most high-profile cybersecurity incidents in jordan mobile database years have been a direct result of customers failing to properly configure their cloud environments or granting excessive or inappropriate permissions to access cloud services, rather than due to the cloud provider failing to meet its responsibilities. Because access policies must be adjusted frequently over time, the potential for human error increases dramatically.
IDC Sees Cloud Over-Permissions Problem
Growing concern about this issue is reflected in an IDC study in which more than 71% of respondents said detecting excessive permissions in the cloud was very or extremely important. However, only 20% of respondents reported that they were able to identify situations in which employees in their organization had excessive access to sensitive data. These numbers clearly reflect the gap between the importance that decision makers place on this issue and their limited ability to do so.