Once upon a time, cybersecurity was simple: build a wall, lock the door, and hope the bad guys couldn’t pick the lock. But in today’s multi-cloud reality, that door has turned into a revolving one, and the bad guys have VIP passes. Enter Zero Trust, the policy that assumes everyone is a suspect. Sapna Nair, General Manager of Saviynt India, gives us a front-row seat to the challenges, breakthroughs, and the occasional absurdity of building a secure fortress in a borderless digital world.
From leveraging AI and machine learning to address visibility gaps to implementing cloud-native solutions for secure identity and access management, she offers a comprehensive guide to overcoming hurdles and achieving Zero Trust success in multi-cloud frameworks.
Excerpts:
What unique challenges do multi-cloud environments pose for companies adopting a zero-trust security model?
Cloud environments are scalable and elastic, which means that resources are ephemeral. Solutions designed for static on-premises IT infrastructures fail to provide full protection. Cloud environments are borderless computing ecosystems in which distributed workforces can access resources from anywhere, making the traditional "castle and moat" model of perimeter security insufficient.
With a Zero Trust approach, the security strategy is "never trust, always verify." Users must verify their identity every time they access a cloud resource. Zero Trust, however, is very difficult to manage in a multi-cloud environment. Each cloud provider has its own security model and IAM construct. Visibility across multiple clouds is very hard to achieve.
How are you helping clients integrate zero-trust principles with their existing cloud security frameworks?
Saviynt’s Identity Cloud is a cloud-based platform that converges identity security onto a single solution to support Zero Trust initiatives around access control and data protection in hybrid and multi-cloud environments:
● Identity Governance and Administration – ensures deep visibility into the access every identity has, as well as applying right-sized access across ecosystems by enforcing role and application access controls
● Privileged Access Management – to provide time-bound, least privileged access for elevated privileges
● Application Access Governance – that prevents segregation of duties (SoD) or policy conflicts across environments
● External Identity Management – to gain control over external party activities
What role do AI and machine learning play in enabling zero-trust architectures within multi-cloud frameworks?
Where activity or settings in one cloud may be deemed acceptable, how other clouds are deployed can impact security across environments. The use of AI and machine learning can greatly speed the detection and remediation of troublesome activities and access that would otherwise be missed. AI/ML continuously learns about the activity taking place within your organization and becomes more accurate over time to quickly identify violations.
AI and machine learning deliver strong capabilities in aggregating and normalizing data from different sources and support continuous compliance by simplifying management for administrators with centralized reporting.
Could you discuss any specific zero-trust solutions or services your company offers that address the challenges of multi-cloud data protection?
Saviynt Privileged Access Management (PAM) is a cloud-native PAM solution built on a converged cloud identity governance platform. It provides a single control plane to manage security and identity across multi-cloud environments and enables cloud admins and DevOps teams to access cloud resources on a just-in-time, just-enough access (least privileged access) basis.
What strategies or tools do you recommend for organizations struggling with secure identity and access management across different cloud providers?
Find a solution that can centralize data from disparate sources and automate as much of the detection and remediation capabilities as possible. Point solutions often leave gaps in visibility while increasing management complexity and costs. Enabling just-in-time access throughout all environments also limits and prevents excessive access.
Additionally, leverage the following cloud security and governance best practices to position your organization to mitigate security risks presented by operating in the cloud:
● Import fine-grained access permissions and usage activity so you understand who is doing what and who has access to what
● Classify your data in the cloud based on content, identity, access, and usage
● Standardize policies for requesting data from specific cloud-based applications
● Intercept access grants to files or roles, and evaluate new instances against current business policies
● Leverage continuous controls monitoring for all cloud applications, collaboration, or infrastructure vendors
● Ensure separation of duties across all cloud providers
How can companies measure the success of zero-trust implementation in a multi-cloud setup?
There are several key performance indicators organizations can use to measure success. These can be used to identify and establish trends, and identify where remediation should begin. Among these are:
- Increase or decrease of privileged access violations
- Percentage of identities mapped across different cloud platforms
- Detection and remediation of duplicate identities, orphan accounts, and service accounts
- Removal of outlier access
- Number of shared service accounts
What are the best practices for incident detection and response under a zero-trust framework?
Don’t rely on annual audits but strive to maintain continuous compliance with “always on” monitoring that actively surveys activity and provides alerts for anomalous activities and excessive or abandoned access. Automate as much as possible so security teams can be more proactive in their threat detection and response duties. Streamline policies across all environments, allowing you to simplify security management and better support compliance with internal and external frameworks and regulations.
In your experience, what are the most common pitfalls organizations face with zero-trust in multi-cloud deployments?
Common challenges we see include the lack of a centralized security program that provides visibility across all cloud environments and the inability to normalize security policies across vendors. Many organizations also have difficulty integrating existing legacy or on-premises systems with their cloud environments and don’t account for third-party/external access.
Remember, zero-trust is a journey. Begin with an assessment of your current environment compared to where you want to be. Focus on which user accounts and identities, devices, application workloads, and automated services or machine identities are granted access to which resources, when, and how this is accomplished (policies). Then, build out a strategy and team that can help you reach your goal.