Mismanagement of identities, access and privilege will be the number one reason for cloud security failures, new research by Gartner suggests.
The firm's Managing Privileged Access in Cloud Infrastructure report claims that by 2023, three quarters of all security incidents in the cloud will be attributed to these problems, up from 50 per cent today.
“Protecting cloud infrastructure is crucial, especially with more workloads hosted across cloud service providers,” Gartner explains. The report’s author, Paul Mezzera, believes security and risk management technical pros need to deploy proper tools which will enable effective management of cloud infrastructure entitlements, thus reducing risks caused by unauthorised access.
To that end, Gartner suggests businesses opt for specialised cloud infrastructure entitlements management tools. Describing the tools, the analyst claims they are “identity-centric”, which makes the management of cloud infrastructure entitlements their “primary focus.”
In the past year and a half, nearly four in five businesses suffered a cloud data breach, cloud security firm Ermetic said in a recently released report. Ermetic has also been named in Gartner’s report as a cloud infrastructure entitlements management vendor.
Based on a poll of 300 CISOs, Ermetic’s report states that 80 per cent of businesses are unable to identify excessive access to sensitive data in IaaS and PaaS environments, which poses a threat to security.
“We are pleased that Gartner has named Ermetic within its Cloud Infrastructure Entitlements Management Vendor Landscape report,” said Shai Morag, CEO of Ermetic.
He added, “we agree with Gartner, which states in the report ‘the number of entitlements across cloud infrastructure is growing in size and complexity as more CSP offerings and services are added’. It is impossible to keep pace with this change, and therefore manual methods for determining least-privilege access are not feasible nor scalable. To address this adequately, organisations need to have a more identity-centric view of their cloud infrastructure entitlements. Further, given that events can generate large amounts of data, an automated analytics and machine learning (ML) engine can aid in determining whether entitlements assigned are dormant or improperly used’.”