
Identity and Access Management in Multi-Cloud Environments

by ITECHNEWS
June 28, 2022
in Leading Stories, Opinion

There are several challenges to implementing secure IAM practices across a multi-cloud environment. “Multi-cloud consumption raises concerns about the operational complexity of successfully managing both encryption and the corresponding keys across multiple providers, each with their own consoles and APIs,” the Thales report states. Without understanding the challenges facing machine IAM in the cloud, it is impossible to implement a solution.

  • Machine identities are growing faster than human identities. Most enterprises are equipped to deal with human IAM in the cloud, but not as many know how to secure machine identities (SSH keys, X.509 certificates and other encrypted credentials) in a multi-cloud ecosystem.
  • Public cloud native IAM tools don’t scale beyond their own environment. While many cloud architectures host their own identity and access management solutions, they are not built for protection in multiple environments.
  • IAM tools control access, not activity. While many cloud native tools provide privileged access management (PAM), they do not allow the organization to monitor or audit the activity of the user or machine once inside.
  • There is no standardized multi-cloud security model. Currently, it’s every cloud for itself as no standardization exists for securing across hybrid or multiplatform environments. In the absence of a centralized IAM solution that can operate across platforms, teams are left to duplicate their efforts.
  • The cloud itself comes with inherent security challenges, such as identity and key sprawl, vendor lock-in and lack of governance and policy.

When considering using additional cloud providers, there are specific security nuances to consider. What if you have an instance hosted by one provider (AWS) but are looking to switch and then have that instance hosted by another (Azure)? What happens to these keys and certificates? And are you comfortable having your key and certificate management split between different third-party providers? Before moving your machine identities to a multi-cloud or hybrid ecosystem, consider asking the following questions regarding certificate ownership.

  1. Would you feel comfortable giving your keys and certificates to someone you don’t know?
  2. What happens to your hosted digital identities when you want to change providers?
  3. Who maintains ultimate ownership over your machine identities when the relationship parts ways? Or are your identities currently split between multiple public clouds, doubling the risk of compromise?

The answer might be to take ownership of the machine identities in your own environment and manage them in a vendor-agnostic platform that allows you to control where they go.

Best practices for multi-cloud SSH machine identity management

As demonstrated above, it is all too easy to lose track of your valuable machine identities in the cloud—much less across multiple cloud platforms. To allay the concerns around some of these risks and maintain proper machine identity management across your hybrid or multi-cloud environment, the following best practices for multi-cloud SSH management can be put into place:

  • Discover and maintain an inventory of all SSH keys
  • Determine ownership and use case of every SSH key
  • Remove any orphaned, shared or duplicate keys by mapping all trust relationships back to their machines (or users).
  • Control SSH configuration files and known hosts
  • Establish clearly defined SSH management policies and audit them regularly

It is important to note the utility of automation in each of the above best practices. Automating each step is becoming necessary as the unprecedented number of connected devices, APIs, applications and platforms in use renders manual machine identity management “nearly impossible.” According to the Thales report, 34% of survey respondents use over 50 SaaS applications. Provisioning SSH security controls across them all by hand would be a nightmare.
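The inventory, ownership and orphaned/shared-key steps above can be automated along these lines. This Python is an added example, not code from the original article: it fingerprints every key in authorized_keys files collected from hosts in different clouds, maps each key to the accounts that trust it, and reports keys with no registered owner or trusted in more than one place. The host names, key blobs and owner register are constructed placeholders.

```python
import base64
import hashlib
from collections import defaultdict

KEY_TYPES = {"ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}

def fingerprint(blob_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text):
    """Yield (fingerprint, comment) per key line; leading options are skipped."""
    for line in text.splitlines():
        tokens = line.split()
        if not tokens or tokens[0].startswith("#"):
            continue
        idx = next((i for i, t in enumerate(tokens) if t in KEY_TYPES), None)
        if idx is None or idx + 1 >= len(tokens):
            continue  # not a key line this parser recognises
        try:
            yield fingerprint(tokens[idx + 1]), " ".join(tokens[idx + 2:])
        except ValueError:
            continue  # corrupt base64 blob

def audit(files, owners):
    """files: {(cloud, host, account): text}; owners: {fingerprint: owner}."""
    trust = defaultdict(set)  # fingerprint -> locations that trust it
    for location, text in files.items():
        for fp, _comment in parse_authorized_keys(text):
            trust[fp].add(location)
    orphaned = sorted(fp for fp in trust if fp not in owners)
    shared = {fp: sorted(locs) for fp, locs in trust.items() if len(locs) > 1}
    return trust, orphaned, shared

# Constructed sample data: placeholder blobs, not real keys.
def _blob(label):
    return base64.b64encode(label.encode()).decode()

KEY_DEPLOY, KEY_ALICE, KEY_UNKNOWN = _blob("deploy"), _blob("alice"), _blob("unknown")
SAMPLE_FILES = {
    ("aws", "web-1", "deploy"): f"ssh-ed25519 {KEY_DEPLOY} deploy-bot\n",
    ("azure", "web-2", "deploy"):
        f'command="/opt/run backup",no-pty ssh-ed25519 {KEY_DEPLOY} deploy-bot\n',
    ("aws", "web-1", "root"):
        f"# legacy\nssh-rsa {KEY_UNKNOWN}\nssh-ed25519 {KEY_ALICE} alice@laptop\n",
}
SAMPLE_OWNERS = {fingerprint(KEY_DEPLOY): "platform", fingerprint(KEY_ALICE): "alice"}

if __name__ == "__main__":
    _trust, orphaned, shared = audit(SAMPLE_FILES, SAMPLE_OWNERS)
    print("orphaned:", orphaned, "\nshared:", shared)
```

Keying the inventory on the fingerprint rather than the comment field matters because comments are free text and are often reused or left blank, while the fingerprint identifies the same key wherever it has been copied.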

IAM solutions for multi-cloud environments

When it comes to IAM in multi-cloud environments, “management complexity can be multiplied with each new cloud environment that’s added because each brings its own technology implementations, operational models and security tools,” the Thales report states. “Mastering all of them independently can be a huge resource commitment and, even if it is possible for an organization, can leave security gaps if management isn’t well coordinated.”

For that reason, it is important to find an IAM solution for machines that can work across multiple cloud environments and bring these disparate technologies together. Here is what to look for in a good multi-cloud IAM solution:

  • Vendor agnostic. Cloud-native solutions struggle to keep up with the complexity of certificates across multiple platforms. Choose a vendor agnostic solution that can enforce access controls not based on environment, but on identity.
  • Scalable. A cloud-agnostic solution reduces vendor lock-in and makes it easier to scale when other public cloud architectures are added to the mix.
  • Visibility. Your solution should give you full visibility over the keys and certificates in your environment, and automatically account for new ones deployed.
  • Intelligence. You should have all the information needed to successfully manage your certificate lifecycle in an easily accessible interface. This includes expiry dates, issuing CAs, organizational data and security configurations.
  • Automation. To avoid silos and make it easier to remain vendor-agnostic, provisioning and renewal of certificates should be automatically deployed across all cloud architectures and managed from one central location.

This limited use of encryption is especially concerning considering that multi-cloud environments host not only human identities but machine identities as well. Machine identity and access management across multi-cloud environments has become very important because when machine identities are compromised, machines become vulnerable and companies experience costly data breaches.

Source: Brooke Crothers
Via: Security Boulevard
Tags: Identity and Access Management in Multi-Cloud Environments