Non-People Identities: The New Battleground in Cloud Security

  • Thursday, 10 Jun 2021 10:30AM EDT (10 Jun 2021 14:30 UTC)
  • Speakers: Sandy Bird, Serge Borso

Identity security used to be straightforward - one person, one identity. Now in a modern public cloud deployment, identities are innumerable and critical to securing your data. Non-people identities - like servers, VMs, serverless functions, applications, etc. - are being created at a rapid pace, sometimes by services without a person ever involved.

Cloud providers like Azure, AWS, and GCP have given us tools to help govern access, but they can be made insecure by simple configuration errors or omissions - and they\\\'re very different approaches, creating complexity for multi-cloud deployments. Governance requires a new approach that meets this new reality of ephemeral compute and complex webs of permission combinations.

Join this session to learn:

  • What we mean by non-people identities
  • What problems these identities cause
  • Best practices for managing them, including out-of-box configuration changes
  • Immediate steps anyone can take today to secure the identities