- tends to change faster
- be more distributed (including across legal jurisdictional boundaries)
- add to the complexity of the management plane
- rely more (often exclusively) on broad network communications for everything, which opens up core infrastructure administration to network attacks.
Discuss this topic in Circle
Have an interesting article or video on this topic that you want to share? Anyone can join the discussion community for this topic to share ideas or ask questions.View discussion community
Participate in Identity and Access Management Research
Identity and access management is mapping some form of an entity (a person, system, piece of code, etc.) to a verifiable identity associated with various attributes (which can change based on current circumstances), and then making a decision on what they can or can’t do based on entitlements.
Guidance from CSA
CSA Research crowd-sources the knowledge and expertise of security experts and helps address the challenges and needs they’ve experienced, or seen others experience, within the cybersecurity field. Each publication is vendor-neutral and follows the peer review process outlined in the CSA Research Lifecycle. We recommend getting started by reading the following documents.
The 2020 State of Identity Security in the Cloud
Read the results of a survey to understand cloud IAM challenges other enterprises face when undergoing a digital transformation. You will also learn methods of addressing cloud IAM challenges as well as identify the teams and roles responsible for cloud IAM. In the wake of the COVID-19 public health crisis, many enterprises digital transformations are on an accelerated track to enable employees to work from home. CSA surveyed these organizations to better understand how cloud services are being used during this transition and how organizations secured their operations over the next 12 months.
Identity and Access Management Guidance
This document addresses personnel involved in the identification and implementation of the IAM solution in the cloud. It will be of particular interest to those with the responsibility of designing, implementing and integrating the consumption of services of the IAM function within any cloud application of Security as a Service (SecaaS)
Domain 12 of the Security Guidance: Identity, Entitlement, and Access Management
This domain of CSA’s flagship research paper addresses managing identities and leveraging directory services to provide access control. The focus is on issues encountered when extending an organization’s identity into the cloud. This section provides insight into assessing an organization’s readiness to conduct cloud-based Identity, Entitlement, and Access Management. If you are new to IAM in the cloud we recommend starting here.