In the heady days of the 1970s, no one passed through the doors of Studio 54 without famously being vetted by the trendy club’s bouncers – and with good reason. Not only did the disco want to attract only the hippest or most desirable of celebrities and glitterati, it also wanted to protect them, ensuring that “bad actors” couldn’t penetrate the club’s walls and expose the goings-on inside. Organizations embracing the cloud could take a page from Studio 54’s book by ascertaining identity and controlling access.
The list of companies and organizations that have had data compromised through unsecured cloud storage systems is long and illustrious, but at least one common thread through all is access was available due to poor identity access management (IAM) practices. AWS and other cloud storage providers usually turn over a bucket to a customer in a locked down condition, but changes made by the end user often result in the data going from safe to exposed with a single keystroke.
Sarah Squire, senior technical architect at Ping Identity, describes poorly managed IAM and the cloud as a huge problem with blame for the situation being split between cloud providers and the customers.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.