Rush to maintain business continuity means proper management over who has access to IaaS environments has slipped for many organisations
SailPoint, the leader in identity management, has found that 45% of companies globally have experienced cybersecurity attacks fuelled by visibility and control deficiencies relating to the management and access of IaaS infrastructure.
The findings resulted from a global survey of executives and identity professionals, which reveals that organisations are failing to prioritise proper identity governance controls for IaaS platforms in the same way they would for other parts of the business, such as applications and data. This failure to understand who has access to what and when for IaaS environments is leaving a gaping hole for hackers to gain unwarranted entry into organisations, as well as for audit and compliance issues to develop.
The survey also reveals that 74% of companies are currently using more than one IaaS provider, with almost half (42%) using three or more. The increased use of multiple IaaS environments has made keeping tabs on access more difficult for organisations to manage by themselves. Seven out of 10 companies reported relying on multiple tools to try and manage their IaaS environments – a move leading to nearly all respondents (97%) experiencing problems with governing access, making them more susceptible to a cyber attack.
With the Covid-19 crisis accelerating the move to the cloud for many organisations, the use of multiple IaaS vendors has helped to match workloads, minimise costs, and provide on-going business flexibility. However, in a rush to get up and running remotely, organisations have struggled to manage and govern access over these IaaS environments, leading to increased risk of being breached.
Despite companies’ best efforts to keep up, the survey also found most of them (91%) are still relying on manual processes to properly document and report user access and activities. Over a third fail to perform regular governance reviews of user entitlements and actions, meaning companies are not paying close enough attention to who should and who shouldn’t have regular access to IaaS platforms. Such entitlements should be reviewed and audited regularly to ensure systems remain robust and secure against hackers.
The findings from SailPoint indicate that organisations are typically failing to wrap in proper identity governance controls over who has access to IaaS infrastructure. To minimise security and compliance risks, organisations need to manage IaaS in the same way they manage other cloud apps and resources – by optimising governance processes and consolidating tools that manage this access and control.
Ben Bulpett, EMEA Director at SailPoint comments:
“The move to IaaS has allowed many companies to ensure business continuity whilst working remotely. But with organisations working at breakneck speed to get up and running from home, proper management of who or what has access to multiple IaaS platforms has slipped through the net for many. We are likely to see more security and compliance gaps surfacing, as the compliance damage of this ‘break glass’ moment becomes known.
“Understanding who exactly has access to what, and when, is critical in order to protect the enterprise network against trespassers. IaaS might be a newer area of the business, but the rule is just as critical here.
“IaaS is a business-critical technology that speeds up and enables today’s digital organisations; however, without proper governance, this can represent a significant cybersecurity risk. Companies that can extend how they are already governing and managing access to new cloud environments will be well on their way to improving their cybersecurity and compliance posture.”
The SailPoint report on the State of IaaS can be found here: https://www.sailpoint.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.