Identity Review | Global Tech Think Tank
Keep up with the digital identity landscape.
Ermetic, a cloud identity and access management company, has launched a comprehensive toolkit to provide full stack visibility and control over cloud infrastructures.
IAM, or Identity and Access Management, is becoming increasingly crucial as companies’ digital access needs become increasingly extensive and complex. IAM helps IT managers determine which network users have access to what tools, and under what circumstances. Some technologies used for IAM are password management softwares, provisioning softwares and security policy enforcement applications.
A strong IAM toolbox can protect against a variety of cybersecurity attacks ranging from ransomware and phishing. Cybersecurity Ventures predicted that global ransomware costs are expected to exceed $5 billion in 2018, an increase of 15% from 2016. This enormous price tag is not limited to just lost revenue, though. It also includes loss or destruction of data, decreased productivity, and investigation costs, showing the far-reaching effects of modern cybersecurity attacks.
“One of the biggest risks in public cloud security is access abuse, specifically excessive permissions and compromised identities having access to data and resources. The challenge is that enforcing least privilege is much more difficult in the public cloud than on-premises,” said Garrett Bekker, Principal Security Analyst at 451 Research, a part of S&P Global Market Intelligence. “Many customers are looking to add additional security controls and services themselves, and there’s increased interest in addressing user roles and permissions.”
Ermetic’s new launch contains several features that give clients more access and control than before, making it a true full stack IAM platform.
The new technology allows clients to have more information when assessing risks, allowing managers to view both network access and IAM policy entitlements. Machines with access to the internet are more of a security threat than those without.
“While it’s virtually impossible to determine entitlement risks for users and machines using tools offered by cloud platform providers, third party tools that rely exclusively on identity and access policies without also analyzing network access do not provide a true and accurate view of risks,” said Shai Morag, CEO and Co-Founder of Ermetic. “Ermetic is the first solution to provide full stack visibility into both identity entitlements and network access configurations, which enables customers to comprehensively assess and govern the risks associated with complex scenarios of users, machines and resources.”
Furthermore, the new technologies enable integration of cloud infrastructure entitlements management (CIEM) into existing workflows and operations through a new policy wizard that automates policy administration and risk remediation.
The new launch gives clients greater visibility into the permissions granted to each individual user. Ermetic helps monitor risks introduced by third-party contractors and applications by auditing third-party users and managing their accounts and permissions. They are also able to monitor users that use SSO to access their cloud resources, giving clients a true 360 view to each users’ accessibility in their network.
This new launch from Ermetic helps companies strive toward least privilege access across all of their cloud infrastructure and helps solidify clients’ IAM toolbox with greater visibility and control.
ABOUT THE WRITER:
Lydia You is a computer scientist from Princeton University living in New York City. She is a Tech Innovation Fellow at Identity Review covering the intersection of technology, internet culture and the future of digital media.