INDUSTRY VIEW
HYBRID WORK DRIVING THE NEED TO PROTECT CLOUD FROM INSIDER THREATS
EZZELDIN HUSSEIN, REGIONAL DIRECTOR, SALES ENGINEERING, SENTINELONE
Typically, for hybrid patterns of work and to keep cloud-based workflows uninterrupted, team players have multiple security privileges, often elevated more than their day-to-day requirements demand, which can create internal vulnerabilities and pave the way for incidents and breaches, says Ezzeldin Hussein, SentinelOne.
Three years ago, the pandemic created a spotlight on how the cloud can benefit enterprises. As employees worked at home, cloud-based workflows and cloud-based workloads helped businesses to survive through the catastrophic months of lockdowns.
Today, this momentum of using the cloud as a platform for business and for work continues at the same accelerated pace, through hybrid and multi-cloud platforms. However, IT and security decision-makers are increasingly turning their focus towards protecting the cloud from all sides, including insider negligence and malicious insider activity.
Typically, for hybrid patterns of work and to keep cloud-based workflows uninterrupted, team players have multiple security privileges, often elevated more than their day-to-day requirements demand. This creates an internal vulnerability and paves the way for unintentional or intentional incidents and breaches.
Team players are considered internal to the organisation and trusted by security administrators and policy decision-makers. Since they are inside the organisation, they do not have to breach any login credentials to penetrate the organisation, and hence their activity is harder to detect.
However, research by Ponemon indicates that both negligent and malicious insider risks, as well as credential theft, have grown significantly in the last two years. Incidents involving compromised users have racked up costs amounting to over 16.2 million dollars globally – and cloud infrastructure has been the primary target.
IT and security decision-makers can implement the following best practices to help reduce the exposure and risk from insider activity.
Least privileges
The starting point for any initiative to protect against insider threats and negligence is implementing the principle of least privilege. In this approach, end users, bots and programs have only those rights that are sufficient for them to execute their day-to-day roles, and no other privileges. An employee who only needs to read data from a folder does not need write privileges for that folder, and the same applies to an automated routine or application. This approach reduces the exposed attack surface.
www.intelligenttechchannels.com