All about the boundaries: The cloud IAM lifecycle approach


The flightpath


If your organization has ever thrown up its collective hands in frustration over chasing endless permissions that need to be verified, or has been asked to increase the number of identity policies as you scale further into the cloud, you likely know how quickly this “situation” can lead to chaos. But you don’t want to hear about that; you’ve likely already lived it.


Implementing cloud Identity and Access Management (IAM) boundaries can seem like an oxymoron in the midst of rapid growth or the need for access as new personnel, teams, or supply-chain partners come online. After all, there are lots of cloud service providers (CSPs) creating piecemeal solutions based on separate products that address different functions and lines of business. So, these identity boundaries will inevitably breach... right? If managed properly, they will not; your cloud IAM complexity will start to untangle and, with the right approach, reform itself into a sustainable lifecycle.


Accelerating toward risk remediation


En route to a working cloud IAM lifecycle, security teams essentially become investigative reporters. The big question: who needs access to what? And the question that comes after that:



With the myriad users (analysts, incident-response teams, DevOps) needing access, what is the risk associated with that access to cloud applications?



Highlighting anomalous activities is the best way to identify areas of IAM policy risk. DivvyCloud by Rapid7 features an IAM Governance Module that enables teams to compare current and past efforts so they can find things like false p ..
