IDENTITY AND ACCESS MANAGEMENT: THE FIRST LINE OF DEFENSE

IDENTITY AND ACCESS MANAGEMENT: THE FIRST LINE OF DEFENSE

 

IDENTITY AND ACCESS MANAGEMENT: THE FIRST LINE OF DEFENSE

Misconfigurations continue to be at the center of the majority of known cloud security incidents. However, if you look closely under the hood, many times, it is the result of a few poorly written identity and access management (IAM) policies. IAM is the most critical and complex component that governs the authentication and authorization of every resource in a cloud environment. Put simply, IAM is the first line of defense in most cloud environments.

In this report, Unit 42 researchers analyzed 680,000+ identities across 18,000 cloud accounts and over 200 different organizations to understand their configurations and usage patterns. The research reveals that nearly all cloud identities are overly permissive, and many grant permissions that are never used. Additionally, 53% of cloud accounts allow weak password usage and 44% allow password reuse.

Unfortunately, malicious adversaries appear to know this as well. Unit 42 researchers have created an industryfirst Cloud Threat Actor Index, which charts the operations performed by actor groups that target cloud infrastructure. Importantly, researchers have also found that each of the cloud threat actor groups targets cloud IAM credentials. Overall, the findings indicate that when it comes to IAM in the cloud, organizations struggle to put good governance in place, opening the door for malicious actors to have wider access to cloud environments.

White Paper from  PaloAltoNetworks_logo

    Read the full content


    If your Download does not start Automatically, Click Download Whitepaper

    Show More