Speakers: Art Poghosyan, CEO & Co-Founder, Britive; Sriram Santhanam, Senior Director, Info Security Engineering, Gap, Inc.
Date: Thursday, June 23, 2022
Location: Denver, CO
Description: Cloud brings agility, cost savings, and scalability. However, it also introduces security risks, especially related to privileged user access. Additionally, many organizations today still define privileged access too narrowly to only include cloud infrastructure, IT administrators, and DevOps. Privileged business users, and risks to organizations due to compromised credentials of business users, are largely ignored.
As recent security breaches show, cybercriminals are staging sophisticated attacks targeting privileged access not only in IaaS/PaaS but also business SaaS applications, including HR, finance, and sales. Merely securing “root” access for resources – such as virtual machines or containers – does not provide security for administrative functions available via management consoles, CLIs, APIs, or business applications. Securing these functions is difficult due to the complexities associated with gaining visibility into access and maintaining consistent access policies across cloud platforms and applications with differing security models. Complexities lead to excessive privileges that accumulate over time, which presents significant risks.
In this presentation, we will talk about complexities associated with securing privileged access in the cloud, real-world examples of challenges building DIY solutions and using legacy Privilege Access Management (PAM) solutions, best practices around managing these complexities, and how to balance privileged access security with seamless and positive user experience.