Products

Cloud management

Kubernetes rightsizing

Cloud reselling

Videos

How Lobster Cut Manual Work by 90% and Scaled 5x with CloudBolt

Videos

How Acquia cut web node infrastructure by 65% with continuous Kubernetes rightsizing

Partners

CloudBolt Partner Program

Become a partner

MSP/CSPs

Blog

The Case for Convergence: Why Build, Manage, and Optimize Must Work as One

Industry Research

CII: The Mass Exodus That Never Was

Videos

CloudBolt CMP 3-minute demo

Resources

All resources

Blog

Industry Research

Events

Support center

Documentation

Industry Research

The Kubernetes Automation Trust Gap No One Talks About

Company

About us

Press

Careers

SUPPORT

Service offerings

Documentation

Support center

Videos

Run the cloud like you own It: Cutting through the repatriation noise webinar

Get started

Cloud Security Essentials: Nail Down Access Management or Risk Getting Hammered

by: Chip Zoller / May 25, 2021

Where are you in your public cloud security optimization journey?

Public cloud adoption is exploding. Gartner forecasts worldwide public cloud end-user spending to grow 18% in 2021 to $304.9 billion. Organizations are taking hybrid and multi-cloud approaches to digitally innovate, modernize processes, build efficiencies, and collaborate among teams. With the right public cloud approach, your development team can get the resources they need fast to move your enterprise forward.

But with any technology, there is risk. Security breaches happen, and the proliferation of public cloud has given rise to shadow IT and other threats to your critical data and infrastructure.

This is the fourth post in a weekly blog series examining each of the seven essentials. This week, we’re taking a look at Essential #4: Nail Down Access Management or Risk Getting Hammered.

Essential #4: Nail Down Access Management or Risk Getting Hammered

Whenever there’s something new in technology, whether it’s new in public cloud or some other area, it’s a common pitfall to sit in awe of how cool it is and forget about the fundamentals of good security posture. One of those fundamentals is about access management. According to the Sophos report, 33% of organizations reported that cybercriminals gained access by stealing cloud provider account credentials. In fact, 91% of users had overprivileged Identity and Access Management roles.

Having a robust access management system can’t be a “nice to have” in the current public cloud climate. Always know exactly who has access to what, with full auditing and logging capabilities in the backend. Ensure your policies around privilege escalation are constantly being reviewed and updated so everyone has least privilege at all times. Use role-based access control to stop bad actors from accessing your sensitive workloads and data. You can further automate this by establishing approval workflows for sensitive/expensive data or resources and making that part of your provisioning process.

It’s time to get your cloud security optimization in gear. Book your demo of CloudBolt’s security optimization solutions now.

Exclusive insights and strategies for cloud pros. Delivered straight to your inbox.

AUTHOR

Chip Zoller

Learn more

Related Blogs

How to get Slack notifications when StormForge applies recommendations

The StormForge Applier does its job quietly. It watches for recommendations, applies patches to your workloads, and moves on—no fanfare,…

When Hardware Triples in Price, Idle Capacity Becomes a Line Item.

A platform leader at a Fortune 50 company recently told his app teams something that I keep thinking about. The message was very…

StormForge vs ScaleOps: A Technical Comparison of Kubernetes Rightsizing Approaches

StormForge and ScaleOps both automate Kubernetes resource optimization, but they take meaningfully different approaches to how much control you hand over and when. This page walks through the differences in architecture, automation model,…