Solutions

USE CASE

Cloud management

Kubernetes rightsizing

Cloud reselling

FinOps

PERSONAS

Finance

For FinOps and IT financial leaders

Engineering

For platform and DevOps teams

IT operations

For ITOps leaders and sys admins

Cloud operations

For CloudOps leaders

CAPABILITIES

Hybrid cloud reporting

Turn cloud data into actionable insight

Continuous optimization

Cloud cost optimization that runs itself

Allocation and chargeback

Cloud cost allocation & chargeback

Provisioning & self-service

Deliver resources in minutes

Reselling & distribution

Cloud billing for modern resellers

Why CloudBolt

Build, manage, optimize

Partners

Technical Alliance Program

CloudBolt Partner Program

Become a partner

All resource types

Cloud Management Platform Roadmap Webinar

All resource types

CloudBolt Software Listed in AWS “ICMP” for the US Federal Government

Videos

From our leaders: StormForge joins CloudBolt

Resources

All resources

Blog

Industry Research

Events

Videos

Beyond the Dashboard: Why FinOps Must Evolve for AI, Automation, and Reality

Company

About us

Press

Careers

SUPPORT

Service offerings

All resource types

Ready to run: A FinOps guide to Kubernetes cost optimization

Comparison Guides

CloudBolt named market leader in 2025 GigaOm Radar Report

Request a demo

Cloud Security Essentials: Nail Down Access Management or Risk Getting Hammered

by: Chip Zoller / May, 25 2021

Where are you in your public cloud security optimization journey?

Public cloud adoption is exploding. Gartner forecasts worldwide public cloud end-user spending to grow 18% in 2021 to $304.9 billion. Organizations are taking hybrid and multi-cloud approaches to digitally innovate, modernize processes, build efficiencies, and collaborate among teams. With the right public cloud approach, your development team can get the resources they need fast to move your enterprise forward.

But with any technology, there is risk. Security breaches happen, and the proliferation of public cloud has given rise to shadow IT and other threats to your critical data and infrastructure.

This is the fourth post in a weekly blog series examining each of the seven essentials. This week, we’re taking a look at Essential #4: Nail Down Access Management or Risk Getting Hammered.

Essential #4: Nail Down Access Management or Risk Getting Hammered

Whenever there’s something new in technology, whether it’s new in public cloud or some other area, it’s a common pitfall to sit in awe of how cool it is and forget about the fundamentals of good security posture. One of those fundamentals is about access management. According to the Sophos report, 33% of organizations reported that cybercriminals gained access by stealing cloud provider account credentials. In fact, 91% of users had overprivileged Identity and Access Management roles.

Having a robust access management system can’t be a “nice to have” in the current public cloud climate. Always know exactly who has access to what, with full auditing and logging capabilities in the backend. Ensure your policies around privilege escalation are constantly being reviewed and updated so everyone has least privilege at all times. Use role-based access control to stop bad actors from accessing your sensitive workloads and data. You can further automate this by establishing approval workflows for sensitive/expensive data or resources and making that part of your provisioning process.