ChaptersCircleEventsBlog

Download Publication

Confronting Shadow Access Risks: Considerations for Zero Trust and Artificial Intelligence Deployments
Confronting Shadow Access Risks: Considerations for Zero Trust and Artificial Intelligence Deployments
Who it's for:
  • IAM professionals
  • Cloud and cybersecurity professionals

Confronting Shadow Access Risks: Considerations for Zero Trust and Artificial Intelligence Deployments

Release Date: 05/06/2024

Working Group: AI Safety Initiative

Shadow Access, a growing concern within cloud computing and Identity and Access Management (IAM), refers to unintended, unauthorized access to systems and data, often intensified by the complexities of modern technological environments. Organizations from small to large often find out the hard way that their previously secure starting point has silently evolved into an unsecure one, the consequences of which are potentially catastrophic. Adding an additional dimension, the increasing prevalence of Artificial Intelligence (AI) introduces new Shadow Access risks, such as unauthorized access, sensitive data exposure, and governance issues.

Zero Trust, centered on the philosophy of “Never Trust, Always Verify,” is positioned as a countermeasure to Shadow Access, advocating for robust authentication and vigilant access control. However, the practical implementation of Zero Trust faces challenges in cloud-native architectures where Shadow Access is prevalent. 

This publication by the CSA Identity and Access Management Working Group delves into these intersections of Shadow Access, AI, and Zero Trust, and underscores the necessity of adapting traditional Zero Trust IAM approaches to the nuances of AI technology.

Key Takeaways: 
  • What Shadow Access is and why it exists
  • What Zero Trust is
  • The impacts of Shadow Access on Zero Trust 
  • What Zero Trust can do to mitigate Shadow Access 
  • The top concerns regarding Shadow Access, AI, and LLMs, including change management, data access visibility, identity verification, content authorization, and more
Download this Resource

Bookmark
Share
Related resources
Shadow Access and AI
Shadow Access and AI
Zero Trust Privacy Assessment and Guidance
Zero Trust Privacy Assessment and Guidance
Zero Trust Guidance for Small and Medium Size Businesses (SMBs) - Japanese Translation
Zero Trust Guidance for Small and Medium Size B...
The OWASP Top 10 for LLMs: CSA’s Strategic Defense Playbook
The OWASP Top 10 for LLMs: CSA’s Strategic Defense Playbook
Published: 05/09/2025
ISO 42001: Lessons Learned from Auditing and Implementing the Framework
ISO 42001: Lessons Learned from Auditing and Implementing the Frame...
Published: 05/08/2025
Unpacking the 2024 Snowflake Data Breach
Unpacking the 2024 Snowflake Data Breach
Published: 05/07/2025
Taming the Beast: The 5 Essential Pillars of SaaS Security
Taming the Beast: The 5 Essential Pillars of SaaS Security
Published: 05/07/2025
Cloudbytes Webinar Series
Cloudbytes Webinar Series
January 1 | Online

Acknowledgements

Michael Roza
Michael Roza
Risk, Audit, Control and Compliance Professional at EVC

Michael Roza

Risk, Audit, Control and Compliance Professional at EVC

Since 2012, Michael Roza has been a pivotal member of the Cloud Security Alliance (CSA) family. He has contributed to over 140 projects, as a Lead Author or Author/Contributor and many more as a Reviewer/Editor.

Michael's extensive contributions encompass critical areas including Artificial Intelligence, Zero Trust/Software Defined Perimeter, Internet of Things, Top Threats, Cloud Control Matrix, DevSecOps, and Key Management. His lea...

Read more

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training