CyberArk, the identity security company, has unveiled new capabilities for securing access to cloud workloads and services as part of its Identity Security Platform. The platform offers risk-based, intelligent privilege controls aimed at securing all access levels for users across diverse cloud environments. One of the major enhancements is to the CyberArk Secure Cloud Access solution, which provides on-demand, no-standing privilege access to multi-cloud management consoles and services without disrupting users' access or developers' workflow.
The platform's launch comes at a time when research "shows that 85% of organisations will utilise three or more public cloud providers in the next 12 months, yet only 9% of organisations are taking an agile, holistic approach to securing identities throughout their environments." CyberArk's Identity Security Platform seeks to address vulnerabilities related to rampant identity-related attacks by enhancing visibility and context for identity-centric risks and by helping organisations easily transition from static access policies to zero-standing privileges.
Melinda Marks, Practice Director of Cybersecurity at Enterprise Strategy Group (ESG), explained the importance of such enhancements, saying, "The remediation and removal of excessive, unneeded and unused permissions and entitlements from administrators, employees, service accounts and machine accounts is key to maintaining a posture of least privilege access, and our research shows that organisations are greatly challenged in this area." She further commended CyberArk's approach of merging automation, developer-focused controls and zero standing privilege for secure cloud access, mentioning that "CyberArk is helping organisations reduce the exposure window while easing workloads for cybersecurity teams."
Among the newly introduced features is CyberArk Secure Cloud Access, which reduces risk with the least privilege and on-demand privilege elevation. This enables speed and security in operations for cloud developers and administrators by reducing the risks of credential theft and excessive access. Key capabilities include the ability to detect IAM misconfiguration risks in multi-cloud environments, context-based automatic approval workflows for high-risk access and additional support for delegated administration.
Reflecting on these advancements, Jose Voisin, Chief Information Officer at Carmeuse, commented, "Secure Cloud Access enables us to secure our cloud with zero standing privileges and without impacting productivity. Users continue to access the cloud as usual while security teams implement least privilege with on-demand and seamless elevation of privileges."
CyberArk's CEO, Matt Cohen, described the overall mission of the effort, saying, "Cloud services have afforded organisations tremendous speed to deliver new applications, but they have also created countless new identities and new attack methods. Cybersecurity controls often lag behind the scale of these new environments, contributing to cybersecurity debt. We are delivering new cloud security solutions that emphasise automation and risk reduction to help close that gap." Thus, enhancing and securing the identity features within cloud environments remains integral to CyberArk's commitment to digital security.