The key headline of the latest Unit 42 Cloud Threat Report isn’t about the most sophisticated attacks. It’s that nearly all organizations we analyzed lack the proper controls to keep their cloud resources secure.
The term for this in cloud security is identity and access management (IAM), and it refers to the policies that define who has permission to do what in a cloud environment. A fundamental best practice for policies like this is to apply least privilege access – ensuring that each user or group has the minimum access required to perform necessary functions. This helps minimize the damage an attacker can do in the event of a compromise as the attacker will only gain access to the limited information and capabilities of that one compromised cloud resource.
To read this article in full, please click here
Support the originator by clicking the read the rest link below.
