Identity Protection Beyond Borders – Disrupting Shadow Access Across the Cloud
Recap of Shinesha Cambric's CTO Advisor Hybrid Cloud virtual conference session on Identity Protection.
One of the sessions where I learned net-new stuff. Shinesha did an excellent job helping bring our audience along the identity management protection journey. I successfully have more things to keep me up at night.
Takeaway 1: Organizations need to develop an identity in-depth strategy to protect their digital identities and reduce identity risk.
Shinesha Cambric explained that organizations must look at their entire identity ecosystem, including the identities associated with cloud environments, to ensure they have the necessary processes and protections. "Everything you spin up within a cloud environment has some sort of identity associated to it, and those should be part of the architecture and blueprint that you keep of digital identities for your organization," she said.
Cambric also outlined two major categories of action for reducing identity risk: identity threat modeling, and visibility and governance. "From a visibility and governance standpoint, you want to reduce the footprint of what an identity has access to at a particular point in time," she said.
"Trying to leverage things like just in time and just enough access and abiding by zero trust methodologies, for example, segmenting parts of your environment so that when and if an attacker does get in that you've limited what's exposed to that particular identity."
To help organizations develop an identity in-depth strategy, Cambric suggested looking at solutions such as Stack Identity, which provides a diagram that "calls out the need to understand your data and identity posture."
Takeaway 2: It is important to have a comprehensive identity hybrid strategy to protect against attackers.
Cambric emphasized the importance of having a comprehensive identity strategy to protect against attackers. "Knowing your environment and partner’s plan and posture is key," she said.
"Not just looking at human identities, but assessing all identities and understanding the footprint of all identities when it comes to that architecture and footprint." Cambric also recommended aligning with a zero-trust methodology, such as implementing least privilege across all identities.
She also discussed the need for a living document that updates processes and documents as the cloud footprint changes. "As your environment changes, as you adopt new services, as your organization evolves, you want to have a continuous update of processes, of documents, of architectures, of assessments of risk," she said.
Cambric also highlighted the importance of visibility into the digital identity supply chain, including APIs, bots, and partner systems. "Understanding how that access may combine with different cloud services, different on prem services, and where you may have some types of toxic combinations coming together to open unintended doors for those identities," she said.
Finally, Cambric noted the importance of having the right tooling to help with understanding identities and access. "Being able to detect anomalies when they're occurring," she said. "You'll need some type of tooling that's going to help you there with understanding both the identities and the access that exists within your organization."