Right-size permissions across a multi-cloud environment
A key component of the Zero Trust model is ensuring that user, admin, and system identities are granted permissions according to the principle of least privilege. Restricting permissions to only those an entity needs to perform its specific job function limits the damage a malicious attacker or negligent user can inflict on the organization. While you may have a solution ready to support your on-premises infrastructure, many organizations struggle to apply that same rigor to permissions and activities across their cloud environment.
Just like with on-premises environments and solutions, permissions in the cloud tend to accumulate over time. It’s very common for users to increase their permissions to perform a job function, but much less common for those users to scale their permissions back down once they are no longer required! Additionally, as organizations continue to grow their cloud footprint, the complexity of the permissions and associated resources needed to maintain that infrastructure expands exponentially. Multiply these challenges across different cloud providers and across an entire organization and you can start to picture the scope of the problem. Left unchecked, these excessive and unused permissions represent a significant attack surface, leaving your investments in the cloud vulnerable.
Introducing Microsoft Entra Permissions Management: a cloud infrastructure entitlement management (CIEM) solution that offers complete visibility and responsiveness to permissions and activities across the three major cloud providers, Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). Permissions Management incorporates the capabilities of CloudKnox, acquired by Microsoft in 2021, and it helps to further Microsoft’s commitment to protect resources and identities across multi-cloud and hybrid cloud environments. Let’s take a look at how you can leverage this solution to solve this complicated issue.
Discover, Remediate, & Monitor
Permissions Management works across three use cases, designed as a phased process, to optimize the use of the identities and permissions within your cloud infrastructure. First, Permissions Management scans your Azure, AWS, and GCP environments and produces a detailed analysis of the permissions assigned to users and other entities, how those permissions are actually used, and the associated risk level. You gain immediate value from the Permissions Creep Index (PCI), a metric from Permissions Management that measures the risk that excessive and unused permissions represent to your organization. During this process, Permissions Management also creates a baseline of user and resource activity. This baseline is updated on an ongoing basis as new signals are analyzed, and it enables Permissions Management to discover anomalous behavior going forward.
The reports and analytics provided in the discovery phase leave you well prepared to act, bringing us to the remediation phase. Excessive and unused permissions can be removed directly from the dashboard. Automating this process enables admins to right-size the organization with just a couple of clicks and removes the possibility of manual errors. Permissions Management can also continue to remediate permissions on an ongoing basis, protecting user and workload identities throughout their lifecycle.
Permissions Management continues to monitor your cloud infrastructure and, based on previous user activity, discovers anomalous actions that may represent intentional exploitation or misuse of permissions, backed by the more than 8 trillion security signals Microsoft processes daily. Proactive alerting ensures you are notified about any potential threat in time to take quick action. You can then run rich forensic reporting to investigate user actions against resources across the multi-cloud environment.
Core solution components
If you are interested in learning more about how Permissions Management can help you further develop your Zero Trust strategy across your cloud providers, contact us HERE to schedule a meeting with one of our consultants. We can demonstrate how Permissions Management works and the types of insights and response actions the solution can provide. We can dive into use cases that are unique to your organization to discuss how Permissions Management can assist your organization with its specific goals and issues.
At the time of writing, Microsoft is offering a free, 90-day trial of Permissions Management, which we can help you deploy in your organization, and we can work with you to analyze the results obtained in the discover phase outlined above and then recommend next steps.