New Blog | Securing access to any resource, anywhere

Microsoft

By Joseph Dadzie

 

Zero Trust has become the industry standard for safeguarding your entire digital estate. Central to Zero Trust is securing identity and access, which is essential for protecting resources, enforcing security policies, and ensuring compliance in today’s dynamic digital landscape.

 

With Microsoft Entra, we help our customers create a trust fabric that securely connects any trustworthy identity with anything, anywhere. Driven by the adoption of multicloud strategies in the era of AI, customers are encountering more challenges in securing access, not just across multiple public and private clouds, but also for business apps and on-premises resources. Unlike securing access for humans or within a single environment, where customers have established methods to address challenges, securing access anywhere is more complicated because of the dynamic nature of today’s digital estate, and the tools to address emerging challenges need further development. To support our customers, we unveiled our vision for securing access in any cloud at this year’s RSA Conference. Today, we're excited to dive deeper into our future investment aimed at securing access to cloud resources from any identity across diverse cloud environments.

 

Managing multicloud complexity in a rapidly evolving digital environment

 

Organizations are grappling with substantial challenges in navigating cloud access complexities, often citing issues like fragmented role-based access control (RBAC) systems and compliance violations. These challenges are compounded by the growing use of cloud services from various cloud service providers. Several notable breaches have been linked to over-permissioned identities. Our customer engagements reveal that organizations are currently using 7 to 8 products, including privileged access management (PAM) and identity governance and administration (IGA) solutions, to tackle multicloud access challenges. Despite their efforts, such as toggling across multiple solutions and increasing their workforce, many organizations still struggle to achieve full visibility into their cloud access.

 

Our 2024 State of Multicloud Security Risk Report underscores these ongoing challenges arising from over-permissioned human and workload identities. Analysis of the past year's usage data from Microsoft Entra Permissions Management confirms that the complexities in multicloud environments primarily stem from rapid identity growth and over-provisioned permissions, including:

 

  • Over 51,000 permissions that can be granted to identities – 50% of which are identified as high-risk permissions.
  • Only 2% of those 51,000 permissions were used.
  • Of the 209M identities discovered, more than 50% are identified as super identities that have all permissions to access all resources.   

 


 

Figure 1: 2024 State of Multicloud Security Risk key findings

 

Read the full post here: Securing access to any resource, anywhere
