One of the more important security controls in any organization’s security program is access controls, especially when it comes to your infrastructure. But given that most organizations lack both complete visibility into and control of their cloud infrastructure, it’s hard for security and operations teams to figure out what actions are being performed by which users, leaving them wide open to accidental or intentional privilege misuse.
Having seen this problem firsthand, CloudKnox Founder and CEO Balaji Parimi drew upon his decades of experience and research to create the CloudKnox platform. Here are the best practices he recommends for managing access controls.
What You’ll Learn
Balaji has been in the security industry for about 22 years and was an early employee at VMware (virtualization was just starting to take off). After VMware, he became VP of Engineering and Operations at CloudPhysics, a cloud infrastructure assessment startup. While at CloudPhysics, and drawing upon his experiences, Balaji realized there wasn’t a tool or solution that gave visibility into cloud infrastructure and the identities their operations are entitled to. So, he created CloudKnox to solve that problems and shares:
- How one company had seven years of work (i.e. their entire infrastructure) wiped out in 24 hours by a ransomware hacker thanks to lack of IAM security.
- Why it’s not the cloud infrastructure companies’ (e.g. AWS, Azure, GCP) responsibility to keep your infrastructure secure.
- The three most common things people don’t configure properly (e.g. excessive permissions) with respect to access controls and cloud infrastructure.
- How CloudKnox simplifies and automates managing access controls.
- Why you should put in a system to manage access controls.
Section Timestamps
[05:31] How one company had seven years of work (i.e. their entire infrastructure) wiped out in 24 hours by a ransomware hacker thanks to lack of IAM security.
[08:00] Why it’s not the cloud infrastructure companies’ (e.g. AWS, Azure, GCP) responsibility to keep your infrastructure secure.
[08:52 – 12:02] The three most common things people don’t configure properly (e.g. excessive permissions) with respect to access controls and cloud infrastructure.
[12:02] How CloudKnox simplifies and automates managing access controls.
[20:50] Why you should put in a system to manage access controls.
About The Security Demystified Show
Tugboat Logic presents The Security Demystified Show: a podcast to help you become more secure and tame the dark (and not-so-thrilling) art of compliance. Every other week, check in with Tugboat Community Manager Cheryl and security experts and practitioners to find out all of the “secrets” and myths surrounding security and compliance so you can apply what’s worked.