The days of perimeter security acting as the core of cybersecurity defenses are long gone. No organization would be caught without firewalls and antivirus scanners to catch low-sophistication attacks, but the real battle to protect the network has moved to the realm of identity and access management (IAM).

Perimeter security has lost importance because organizations no longer have much of a hardware perimeter. Most have moved to the cloud and are rapidly adding apps and services as needed to support their employees and customers in the new world of always-on, always-available connectivity. While this situation has made most organizations more agile and efficient, it has also exposed them to considerable risk.

Without tight IAM controls, it’s easy to lose track of the thousands of identities operating within a modern company’s network. Each user can have multiple identities, and non-human entities like apps and programs also hold various identities and permissions. According to one study, most organizations oversee an average of 40,000 permissions spread out across the four major cloud platforms: Amazon Web Services, Google Cloud Platform (GCP), Microsoft Azure and VMware. Many of those accounts are over-permissioned, requiring only about 10% of the permissions they currently hold. Other identities may not be in use at all because they belong to employees who have left the organization or applications that are no longer used.

Attackers have taken notice, with most advanced attacks now actively trying to compromise unused or over-permissioned accounts to circumvent security. In fact, Verizon’s 2020 Data Breach Investigations Report found that more than 80% of hacking-related breaches that year involved the use of lost or stolen credentials. Many of the most recent high-profile breaches, like the SolarWinds attack, used compromised identities and elevated privileges to bypass cybersecurity defenses.

How IAM tools work

IAM tools identify and confirm users, applications and devices. They then grant the appropriate authorities and permissions. They form the backbone of modern cybersecurity, especially in the cloud. Advanced IAM tools analyze privileges that provision or orchestrate cloud-based and network-based capabilities. They also establish and enforce policies and procedures for user groups, covering their roles, responsibilities and the details of their access attempts.

In fact, IAM is the key to zero-trust networking, where users and devices are not trusted by default. Zero trust can’t function without solid identity and access management. Identity has become a new kind of perimeter security, because no matter where an asset exists, accessing it requires an identity with the correct permissions. Locking that down with solid IAM tools can keep assets safe regardless of how many clouds make up an organization’s network or how many identities it manages.

Copyright © 2021 IDG Communications, Inc.
