- Organizations using some of the top cloud providers are leaving themselves vulnerable by improperly managing access privileges, according to a report from CloudKnox. By allowing inactive or over-privileged accounts to remain active, a malicious actor can gain access to organizations, where they can move laterally over time and gain access to sensitive information.
- More than 90% of identities are using less than 5% of permissions granted, according to the report, which is based on 150 risk assessments.
- Companies need to close this gap by implementing least privileged access policies and a zero trust security model, according to CloudKnox.
Companies are too lenient in terms of allowing high-level access to their IT systems. Access gaps open the door for malicious threat actors to hide inside the corporate systems using trusted identities to exfiltrate data.
"There is an industrywide cloud permissions gap crisis that is leaving countless organizations at risk due to improper identity access management (IAM) controls," Raj Mallempati, chief operating officer at CloudKnox said via email.
Cloud infrastructure misconfigurations continue to be a problem at Global 5,000 companies, he said.
"The lack of a holistic approach to cloud security across all industries along with a rapid, unplanned adoption of cloud infrastructure at scale leads to security being an afterthought," he said.
Limiting access privileges has been a recurring issue during the past several months, as some of the nation's leading IT companies and government agencies recover from the nation-state attack that targeted SolarWinds as well as other sophisticated campaigns.
By 2023, about 75% of security failures will result from inadequate management of identities, access and privileges, up from 50% during 2020, according to a 2020 report on privileged access and cloud infrastructure from Gartner.
"The cloud poses many challenges and we're just getting a taste of this new area that needs to be accounted for," David Mahdi, senior research director at Gartner, said via email. "As more organizations leverage cloud services, they will need to ensure that they account for new risks, including identity and privilege access management in cloud environments."
Gartner research has shown traditional identity tooling solutions — like identity governance & administration (IGA) or privileged access management tools (PAM) — are insufficient to manage the complexity of cloud-based user entitlements, Mahdi said.
Security and IAM leaders can mitigate the risks of data breaches and outages caused by excessive entitlement by considering whether cloud infrastructure entitlements management (CIEM) in existing and emerging tools.
"They typically use analytics, machine learning and other methods to detect anomalies in entitlements, like accumulation of privileges, dormant and unnecessary entitlements," Mahdi said.