Cloud technology has come a long way. As businesses express their concerns over security considerations in a cloud environment, cloud operators come up with a befitting solution. Examples of this proactive approach include Single tenancy on the (private) cloud, Bring Your Own Encryption (BYOE), Ensuring Data in Motion, …
These are in keeping with the trends in computing technology and these benefits are rightly extended to the Identity and Access Governance sphere. So while all the noise is being created over the cloud is safe, why not take the next step and talk about Privilege Account Management and relating it to Cloud.
Benefits in terms of automation, just in time access and keeping the IT admin to police the system on 24×7 basis
Here is a question – where must your IT Admin’s root password be?
Take a pick – Cloud or On-Premise.
Before you proceed, take a moment and assess the pros and cons.
Privilege users cover a range of users – traditional, outsourced, or offshore IT, support and development, and users coming through merges &acquisitions… Therefore in the contemporary business environment, privileged users go beyond the perimeter of your organization. Given distributed locations and devices the efficacy of root accounts (privilege accounts) can be hampered if servers, network equipment, and applications deployed are limited through physical space (read on-premises).
Privilege Accounts need to ensure continuous access to data. They are important shared accounts and there is always an information risk and limited access challenge. Lots of questions around the area of compliance –Industries – technology in order to ensure continuous access to data.
Based on a webinar Organised by our Technology Partner Centrify to explore current trends in Privileged Identity Management (PIM)
Here are important questions to manage your root password on cloud:
- Are we holding ourselves hostage to the sensitive area of information breach?Managing Privileged Accounts in a unified and automated way requires access beyond physical infrastructure. Sensitive passwords need to be readily available and network forensics must be enforced.
- Is the old-fashioned way – login through sensitive credentials is insecure?The Privilege Accounts are shared accounts and companies resort to physical envelops (yellow sticky, excel spreadsheet displayed inside the sever room allowing easy gateway for access to unauthorized users. This is often not auditable, not enforceable, has no visibility of control, relies heavily on people in the system.
- Do you approach the scale and reach of IT operations in a proactive or reactive manner?User accounts devices, mobile devices, laptop, desktops, et al are used to access an organizational systems in a global state. Data centers are to be integrated to assume 24×7 coverage across in a cross-access structure. Prospects, vendors, partners, clients – want access to shared accounts. Have to have one source for Privilege ID and shared id and recoded access (location, device, user, etc.).
Owing to the concerns emanating out of these questions, a huge shift has been seen in the space of root passwords. From a believably highly secure and of limited reach was on-premise, now it is safe to shift to the cloud.
Since the mandates a cloud-based solution, easy to manage. Don’t have to hand out laptops or login devices. Enforcement detection is easier, Cloud service will see much diverse traffics, a baseline to see what commands are used.
