Published on August 10, 2017
1. An inside look at enterprise IT requests and solutions MIGRATING TO THE CLOUD
2. INTRODUCTION The following IT department requests explain each challenge and the accompanying rationale. Find out which type of privileged access security solution is recommended for a hybrid infrastructure. Embracing the cloud presents new challenges for companies who need to secure privileged access
3. IT REQUEST #1 Security for anything not covered by the cloud provider. IT REQUEST: Rationale: Amazon Web Services (AWS) provides robust “security of the cloud” for infrastructure and hosting services, but their Shared Responsibility Model makes it clear that businesses are accountable for “security in the cloud”. Securing operating systems, platforms, and data remain our company’s responsibility. Security Process Technology AutomationSpeed
4. SOLUTION: Mitigate risks in the cloud with a single platform that can control access, enforce MFA, and manage privilege while auditing all privileged activity. By 2018, the 60%of enterprises that implement the right cloud visibility and control tools will face 1/3 fewer failures than companies that don’t. Gartner Study IT REQUEST #1
5. IT REQUEST #2 Security Process Technology AutomationSpeed IT REQUEST: Rationale: A new approach to secure our IaaS workloads. A cloud infrastructure is a completely different world than our on-premises environment and will require an entirely new security model.
6. SOLUTION: Rather than start over, leverage your existing on-premises processes and security model in an IaaS environment. The AWS security best practices recommend that “conventional security and compliance concepts still apply in the cloud”. Centrify agrees. 53%of decision-makers prefer to manage privileged identity and access management through a single platform Forrester, Stop the Breach, 2017 IT REQUEST #2
7. IT REQUEST #3 A new identity infrastructure in AWS to maintain security in the cloud. IT REQUEST: Rationale: Locking down privileged access in an IaaS environment requires a new and different identity infrastructure and new cloud identities. Security Process Technology AutomationSpeed
8. SOLUTION: Brokering identities enables customers to extend their choice of directory services (Active Directory, LDAP or cloud directories) to secure privileged access in AWS without creating new identities. 58%of users admitted to sharing credentials for commercial cloud services, and 1 in 10 shared their credentials with people outside their organization 2016 Global Software Survey, BSA | The Software Alliance in partnership with IDC IT REQUEST #3
9. IT REQUEST #4 Guidance on how to adopt cloud securely without sacrificing business agility. IT REQUEST: Rationale: In order to remain compliant and secure, we will have to factor extra time into our cloud migration plan. Security Process Technology AutomationSpeed
10. SOLUTION: A single platform that implements and extends AWS IAM best practices, as well as step-by-step guidance on controlling privileged access in the hybrid cloud makes it faster and easier to securely migrate to AWS. 91%of mature Identity and Access Management (IAM) companies have an integrated platform in place rather than point solutions Forrester/Centrify IT REQUEST #4
11. IT REQUEST #5 Automation tools and flexible deployment IT REQUEST: Rationale: AWS environments are elastic wand need automated security. The solution needs to secure privileged access to elastic hybrid cloud and on-premises environments. Security Process Technology AutomationSpeed
12. SOLUTION: Complete automation through deployment tools and scripts makes it easy to secure access to servers and take their privileged accounts under management. While flexible solution deployment options simplify privileged access security in hybrid IT environments through PIM-as-a-service, or dedicated instances in your private cloud or on-premises. 66%of organizations still rely on manual methods to manage privileged accounts Forrester Research’s Q3 2016 Wave report on PIM IT REQUEST #5
13. CONCLUSION Centrify Identity Services reduce the risk of a data breach by minimizing the attack surface, controlling privilege and auditing everything. A single platform enables your company to leverage and extend the same core security best practices you apply to your on-premises environment in the cloud. Find out the realities of migrating securely to a hybrid environment in our new eBook 5 Myths about Privileged Access Security for AWS.
14. Centrify redefines security from a legacy static perimeter-based approach to protecting millions of scattered connections in a boundaryless hybrid enterprise. As the only industry recognized leader in both Privileged Identity Management and Identity-as-a-Service, Centrify provides a single platform to secure every user’s access to apps and infrastructure in today’s boundaryless hybrid enterprise through the power of identity services. This is the Next Dimension of Security in the Age of Access. Founded in 2004, Centrify is enabling over 5,000 customers, including over half the Fortune 50, to defend their organizations. Centrify is a privately held company based in Santa Clara, California. To learn more visit www.centrify.com. The Breach Stops Here.