Research by Palo Alto highlights the mistakes companies make in managing identities and access to cloud accounts, from weak passwords to overly lax policies. Published on 13 April 2022 by Redazione
The migration of corporate applications and data to the cloud has multiplied the risks of cyberattacks and information leaks. This is certainly not new, nor is the response that many cybersecurity vendors propose as the best defense strategy against these risks: identity and access management. Now that there is no longer a defined digital perimeter, relying only on firewalls and endpoint threat detection systems is no longer effective. It makes much more sense to try to protect data wherever it resides, and therefore to center the defense on identities and on correctly defined access policies.
While these are not new tools, companies still make many mistakes in adopting identity and access management (IAM) solutions, as revealed by a study by Palo Alto Networks, conducted by its internal research team on over 680,000 identities across 18,000 cloud accounts belonging to 200 different organizations. Of the 200 companies, 44% allow IAM password reuse, contradicting one of the primary security rules. In addition, more than half of the cloud accounts analyzed, 53%, allow the use of weak passwords (fewer than 14 characters).
However, the most damning figure is another: as many as 99% of users, roles, services and cloud resources have been granted excessive permissions, which have then remained unused for two months or more. As this shows, the problem is not technological: the rules themselves are wrong, and they undermine the adoption of potentially effective technologies.
Another bad habit is to adopt the built-in policies of cloud service providers without changes; on average, these are much more permissive than the rules set by the client company. These imprudent choices multiply the risk of attacks, without considering that, once logged into an account, cybercriminals can make their way through a network by so-called lateral movement, reaching their true goal: the most valuable or monetizable data.