Cloud Use Cases: Critical PAM Controls to Secure a Modern Cloud Environment

The majority of cloud security breaches and failures are caused by poor management of identities, access and privileges. Gartner stated in their 2019 Innovation Insights for Cloud Security Posture Management report that:

“The challenge exists not in the security of the cloud itself, but in the policies and technologies for security and control of the technology. In nearly all cases, it is the user, not the cloud provider, who fails to manage the controls.”

Research from McAfee found that organisations averaged 4.3 cloud threats every month from external hackers, malicious insiders or unintentional errors. This results in one or more compromised accounts in 80% of organisations.

Our reliance on the cloud means that IT security and working practices must be updated to support this modern way of working. Let’s take a look at the cloud use cases and the critical Privileged Account Management (PAM) controls that can help your organisation secure its cloud environment and mitigate the risk of attack.

Infrastructure-as-a-Service (IaaS)

According to McAfee, misconfiguration of IaaS is one of the biggest causes of cloud security breaches and failures. Having a handful of misconfigured IaaS instances running at any given time can result in thousands of misconfiguration incidents per month.

It is also believed that a common IaaS misconfiguration error is setting “open write” permissions, which potentially leaves the door open for hackers to steal and corrupt your assets and sensitive information.

Organisations can reduce the risk of IaaS vulnerabilities and protect themselves with PAM for the cloud. With PAM you can protect root accounts for servers that are set up in the cloud, limit access to the cloud control panel for all critical resources and govern ongoing access to cloud resources.

DevOps CI/CD environments

All too often, DevOps practices can accidentally create vulnerabilities in privilege management, resulting in a significant increase in the threat of attack from hackers. Cloud services play a vital role for DevOps teams: they enable them to scale up containers, servers and applications and deploy them across multiple environments.

On-demand access to cloud-based applications and databases is crucial for DevOps teams, as they need access to be able to administer systems and resolve bugs.

With PAM built for cloud use cases, you can manage access to the admin consoles that control cloud development resources; secure how DevOps systems talk to each other and with databases, applications and enabling systems; and remove the need for hardcoded credentials by using API calls to a secure PAM vault.

SaaS applications

One of the biggest threats to an organisation’s security is human-generated passwords. Not only are they typically weak, but they are often not stored securely, are shared amongst the team and are used across multiple accounts.

For example, some of the most common user-generated credentials are “123456”, “qwerty” and “password”. While they may be easy to remember, they are even easier for hackers to guess.

If a user’s credentials are compromised and they use the same password for their email, corporate LinkedIn account and Dropbox account, a hacker potentially has access to all the information stored in them.

PAM controls can help lower the risk of SaaS applications: browser plug-ins for single sign-on inject stored credentials into browser-based SaaS tools, and SAML integration allows you to enforce consistent policies for password complexity and rotation for an enhanced level of control.

Thycotic is the leading provider of cloud-ready privilege management solutions. Thycotic’s security tools empower over 10,000 organisations, from small businesses to the Fortune 500, to limit privileged account risk, implement least privilege policies, control applications and demonstrate compliance.

Next Steps

The IT industry has seen a dramatic rise in phishing and ransomware attacks leveraging the COVID-19 pandemic. In particular, cyber attackers have targeted backup environments to disable an organisation’s ability to recover clean copies of their data and restore IT systems as a way to avoid paying ransoms.