- tends to change faster
- be more distributed (including across legal jurisdictional boundaries)
- add to the complexity of the management plane
- rely more (often exclusively) on broad network communications for everything, which opens up core infrastructure administration to network attacks.
|5 Multi-cloud Security Challenges You Can Avoid||ITPro Today||November 14, 2022|
|Cloud infrastructure security is having an identity crisis. Can CIEM help?||The Register||September 13, 2023|
|Daily Briefing: Defining Shadow Access: The Emerging IAM Security Challenge||The CyberWire||September 14, 2023|
|Cloud Security Alliance Sheds Light on 'Shadow Access' IAM Problem||Virtualization Review||September 14, 2023|
Guidance from CSA
CSA Research crowd-sources the knowledge and expertise of security experts and helps address the challenges and needs they’ve experienced, or seen others experience, within the cybersecurity field. Each publication is vendor-neutral and follows the peer review process outlined in the CSA Research Lifecycle. We recommend getting started by reading the following documents.
The 2020 State of Identity Security in the Cloud
Read the results of a survey to understand cloud IAM challenges other enterprises face when undergoing a digital transformation. You will also learn methods of addressing cloud IAM challenges as well as identify the teams and roles responsible for cloud IAM. In the wake of the COVID-19 public health crisis, many enterprises digital transformations are on an accelerated track to enable employees to work from home. CSA surveyed these organizations to better understand how cloud services are being used during this transition and how organizations secured their operations over the next 12 months.
Identity and Access Management Guidance
This document addresses personnel involved in the identification and implementation of the IAM solution in the cloud. It will be of particular interest to those with the responsibility of designing, implementing and integrating the consumption of services of the IAM function within any cloud application of Security as a Service (SecaaS)
Domain 12 of the Security Guidance: Identity, Entitlement, and Access Management
This domain of CSA’s flagship research paper addresses managing identities and leveraging directory services to provide access control. The focus is on issues encountered when extending an organization’s identity into the cloud. This section provides insight into assessing an organization’s readiness to conduct cloud-based Identity, Entitlement, and Access Management. If you are new to IAM in the cloud we recommend starting here.