How Misuse of Credentials Poses Significant Threat to Cloud Operations


Cloud-native security is a rapidly evolving industry reacting to the increasing threats unique to organizations that operate exclusively or primarily on cloud applications and platforms, says Art Poghosyan, CEO and co-founder of Britive, who examines the threat misused credentials pose to cloud operations.

In a recent report, Gartner named Identity System Defense as a top trend in cybersecurity for 2022. The list of cybersecurity trends points to the misuse of credentials as a primary attack point for cybercriminals to access sensitive data.

Confronting the Dangers of Credential Misuse

In the multi-cloud landscape, credentials are a hot commodity. Whether it’s a single user’s login and password or a company’s confidential database of customer information, credentials are used to grant access to resources and protect sensitive data from falling into the wrong hands. When credentials are misused, they can leave organizations more vulnerable to attack. While the concept of identity access as a critical aspect of cloud security isn’t new, it is certainly emphasized by Gartner’s recent report.

Excessive standing privileges causing problems

The most common credential misuse stems from excessive standing privileges, which occur when users are granted more access than they need. This can create an increased attack surface, and cybercriminals can use overprivileged access as an entry point for attack. Although standing privileges are often implemented as a matter of convenience to avoid the hassles of strict security checkpoints, their risks far outweigh their rewards.

SolarWinds as a cautionary tale of standing privilege

SolarWinds is a cautionary tale of standing privilege, as mentioned in the Gartner Cybersecurity Trends Report. The SolarWinds data breach in 2022 happened because attackers were able to gain access to SolarWinds’ environment through a supplier’s standing privileges. SolarWinds could have avoided this attack by implementing a just-in-time (JIT) access solution that would have allowed SolarWinds to grant only the necessary privileges to its human and synthetic users for an ephemeral time period.

SolarWinds’ over-privileged posture resulted in one of the largest data breaches of the year and caused immense damage to SolarWinds’ reputation. It serves as a reminder that attackers can exploit excessive standing privileges and that companies must take steps to prevent such attacks, and its story should serve as a warning to other companies operating in the cloud.


Zero-trust philosophy is the future of cybersecurity

Many organizations are turning to zero trust philosophy as a way to reduce risk. This approach involves always verifying a user’s identity and restricting their access to only the necessary resources rather than assuming that all users on the network can be trusted. With traditional perimeter defenses no longer applicable in a distributed environment, zero trust ensures that only authorized individuals can access sensitive data and systems.

Implementing a zero-trust strategy often takes place in phases because it can require significant changes to an organization’s infrastructure, processes, and culture. However, the effort can pay off in reduced risk of breaches and compliance violations, as well as improved efficiency through streamlined access management. In addition to adopting zero trust internally, many organizations are also looking for service providers and vendors who follow this philosophy in their security practices. This helps ensure that there are no weak links in the organization’s overall security posture.

Solutions to Mitigate the Vulnerabilities of Cloud-native Companies

As attack surfaces continue to grow in the cloud, the need for efficient cross-cloud solutions has never been more urgent. A recent study found that the vast majority of cloud administrators are not confident in their ability to secure their data and applications across multiple clouds. This is a worrisome trend, as it leaves companies vulnerable to attacks from a variety of directions. The good news is that there are cloud security strategies and solutions developed specifically to tackle this emergent need.

Doubling down on identity access management (IAM)

As cloud-based operations become a standard across modern industries, companies are called to increase the strength of their Identity Access Management (IAM). IAM is a critical component of any cloud-native company’s security strategy. A strong cloud IAM system uses an identity-centric approach to managing access for humans and machines. 

When done well, it can help reduce privilege sprawl by only granting users access when needed, and it also provides a centralized place to manage user accounts and permissions. IAM is also important for auditing and compliance, as it can help track which users have accessed which resources and when. By implementing IAM best practices, companies can help to keep their data safe and secure. IAM is an essential tool for any cloud company, and companies should ensure that they have a strong IAM strategy. This will be especially critical in the coming years as breaches and security threats continue to rise. 

Standing privileges reduced by JIT access solutions

Just-In-Time (JIT) access is a crucial element of IAM that is increasing in momentum as companies seek efficient ways to lock down their privileged access. Organizations need ephemeral access to privileged accounts to get their jobs done securely and efficiently. A cross-cloud JIT access solution can mitigate risk by putting dynamic, automated time parameters around granted access for human and synthetic users. 

By only providing access when it is needed and then revoking it when the task is complete, JIT access solutions help to create a zero-trust posture. This reduces the chances of privileged accounts being compromised and shrinks the overall attack surface of the organization. In addition, JIT access solutions can help improve compliance with security policies and regulations. By reducing standing privileges, JIT access solutions help organizations meet their security obligations and dramatically reduce their vulnerability to attack.
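The difference between a standing privilege and a JIT grant can be shown in a few lines. The sketch below is an added example, not code from the article or from any vendor product: the JitBroker class, the one-hour TTL cap, and the sample principals are all assumptions made for illustration. It denies by default, grants access only inside a requested time window, revokes on task completion, and audits an inventory for grants that never expire.

```python
from dataclasses import dataclass
from typing import List, Optional

MAX_TTL_SECONDS = 3600  # assumed policy cap, not taken from the article

@dataclass
class Grant:
    principal: str               # human or synthetic (service) identity
    role: str
    expires_at: Optional[float]  # None models a standing privilege
    revoked: bool = False

    def active(self, now: float) -> bool:
        return not self.revoked and (self.expires_at is None or now < self.expires_at)

class JitBroker:
    """Deny by default; access exists only inside a requested window."""

    def __init__(self) -> None:
        self.grants: List[Grant] = []

    def request(self, principal: str, role: str, ttl: float, now: float) -> Grant:
        if not 0 < ttl <= MAX_TTL_SECONDS:
            raise ValueError("ttl outside policy")
        grant = Grant(principal, role, expires_at=now + ttl)
        self.grants.append(grant)
        return grant

    def release(self, grant: Grant) -> None:
        grant.revoked = True  # task finished: revoke before the TTL runs out

    def is_allowed(self, principal: str, role: str, now: float) -> bool:
        return any(g.principal == principal and g.role == role and g.active(now)
                   for g in self.grants)

def standing_grants(inventory: List[Grant], now: float) -> List[Grant]:
    """Audit helper: active grants with no expiry are standing privileges."""
    return [g for g in inventory if g.expires_at is None and g.active(now)]

# Constructed sample inventory (principal and role names are hypothetical).
INVENTORY = [
    Grant("alice", "db-admin", expires_at=None),
    Grant("ci-bot", "deploy", expires_at=1_000.0),
    Grant("vendor-svc", "org-admin", expires_at=None),
]
```

Time is passed in as a parameter so the expiry behaviour can be checked deterministically; a real broker would also need to revoke the underlying cloud role binding, which this sketch does not model.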

While credential misuse is a real and present danger to cloud companies, steps can be taken to defend against attack. Implementing JIT access is one such step that can help organizations achieve a zero-trust posture and protect sensitive data in the modern cloud landscape.

