The new threats to businesses exist on various levels. They are particularly evident in the increasing use of cloud services and remote work. In a cloud environment, in principle, any human or machine identity can be configured with thousands of authorisations – different for each cloud. For example, it is possible to assign authorisations to users, groups and roles depending on the respective task profile. However, many companies unintentionally configure these identities with access rights within the cloud services that they do not need. Numerous studies show that accounts and roles with too many authorisations are among the most common misconfigurations of cloud services. In addition, most cyber-attacks on cloud applications and services in the last twelve months can be traced back to the misuse of these unnecessary privileges.
IT teams must also account for employees when designing security strategies. After all, the end device of the individual employee is an important first point of entry into the company network. It is not only the privileged access of those remote employees who reach the central systems and resources of a company that must be secured. Establishing procedures such as multi-factor authentication, single sign-on or rights management for all employees working from home is just as important. This means that classic privileged access management for privileged users must be expanded to cover the entire user community of a company.
Regarding the cloud and remote work, there is one important thing in common: the traditional network perimeter has dissolved to a great extent. Identity has emerged as a new perimeter. This makes it the most important line of defence for companies. A comprehensive identity security approach based on privileged access management must focus on securing individual identities – regardless of whether it is a person or a machine.
Securing identities – human and machine
The specific tasks of an identity security solution include securely authenticating an identity, authorising it with the correct permissions, and granting that identity access to critical resources in a structured manner. In other words, a zero-trust principle should apply: every actor and process that wants to establish a connection to critical systems is checked. Every identity that wants to access company resources is verified with several factors – the more critical the access, the stronger the authentication.
Every identity-based security strategy should contain two essential components: the assignment of context-related rights and the securing of non-human access. On the one hand, companies have to give users appropriate rights depending on the activity to be performed. This least-privilege and just-in-time approach avoids the permanent accumulation of rights and thus makes it much more difficult for attackers to reach their target. On the other hand, a company should not see the term identity only in the context of human activities. In hybrid cloud environments in particular, it is essential that applications, their programs and their automatisms also have a suitable structure of rights, and that their access is secured and controlled in the same way as that of people. Good examples of this are Robotic Process Automation (RPA) projects in the business environment or automation tools such as Ansible in the IT sector.
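The following is an added illustration, not code from the article or from any vendor product, of the two components described above: access is granted just-in-time and scoped to a task profile, the required number of authentication factors rises with the criticality of the access, human and machine identities go through the same path, and standing permissions that no task profile needs are flagged as excess. The task profiles, action names and criticality tiers are constructed assumptions for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed task profiles: the minimal permissions each task needs (assumption, not a real catalogue).
TASK_PROFILES = {
    "deploy-web": {"ecs:UpdateService", "logs:GetLogEvents"},
    "rotate-db-secret": {"secretsmanager:PutSecretValue", "rds:ModifyDBInstance"},
}
# Actions treated as critical (assumption); touching one raises the factors required.
CRITICAL_ACTIONS = {"secretsmanager:PutSecretValue", "rds:ModifyDBInstance"}

@dataclass(frozen=True)
class Grant:
    identity: str            # human user or machine identity, handled identically
    permissions: frozenset   # exactly the task profile, nothing more
    expires_at: datetime     # just-in-time: the grant lapses on its own

    def is_valid(self, now: datetime) -> bool:
        return now < self.expires_at

def required_factors(permissions: set) -> int:
    """The more critical the access, the stronger the authentication."""
    return 2 if permissions & CRITICAL_ACTIONS else 1

def request_access(identity: str, task: str, factors_presented: int,
                   now: datetime, ttl_minutes: int = 30):
    """Issue a just-in-time, least-privilege grant for one task, or None to deny."""
    perms = TASK_PROFILES.get(task)
    if perms is None:                      # unknown task profile: deny by default
        return None
    if factors_presented < required_factors(perms):
        return None                        # authentication too weak for this access
    return Grant(identity, frozenset(perms), now + timedelta(minutes=ttl_minutes))

def is_allowed(grant, action: str, now: datetime) -> bool:
    """Authorise one action against a grant; a missing or expired grant denies."""
    return grant is not None and grant.is_valid(now) and action in grant.permissions

def standing_excess(standing_permissions: set) -> set:
    """Permissions on a standing role that no task profile needs: candidates for removal."""
    needed = set().union(*TASK_PROFILES.values())
    return standing_permissions - needed

if __name__ == "__main__":
    t0 = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)
    g = request_access("ansible-runner", "rotate-db-secret", factors_presented=2, now=t0)
    print(is_allowed(g, "rds:ModifyDBInstance", t0))                       # True
    print(is_allowed(g, "rds:ModifyDBInstance", t0 + timedelta(hours=1)))  # False, expired
    print(standing_excess({"ecs:UpdateService", "iam:*", "s3:*"}))         # {'iam:*', 's3:*'}
```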
Companies' attack surface grows as the number and types of identities in business applications and cloud workloads increase. Since both human and non-human identities can hold access privileges, new security strategies are required. While organisations must focus on privileged access management, they must also expand their strategies to include comprehensive identity security.
iTM covers all aspects of cybersecurity, from home cyber security managed solutions to automated, managed threat intelligence, forensic investigations, cloud security best practice and cyber security training. Our objective is to support organisations and consumers at every step of their cyber maturity journey. Contact Us for more information.