Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Despite Recent Breaches, the Cloud is not Falling

August 1, 2019

  • Blog
  • Archive

While adoption of cloud technologies continues its ascension, trust in the Cloud is a cyclical sentiment. Several recent large-scale breaches within cloud environments, effecting over 100 million customers in total, have shaken this trust and re-stoked the world’s unease over data privacy and security that has forever simmered closely beneath the Cloud’s lining. Prominent news site headlines and social media are even re-debating the question: have some of us gone too far and too fast to the Cloud?

But, questions over our embrace of the Cloud are certain to be short-lived.

Is the Cloud more secure than on-prem? It depends. And that question requires more breadth and depth than this blog is intended to cover. Native cloud security tools are maturing and improving, as is the growing vendor ecosystem providing cloud tools. With that said, many gaps remain.

In his most recent article for Forbes, The Importance Of Session Management: Critical Buying Needs For The Cloud, BeyondTrust CTO & CISO, Morey Haber, zeroes in on a missing or incomplete piece of many cloud environments– session management and monitoring. Here’s an excerpt:

“Session monitoring is a critical capability for cloud environments to ensure security, auditability, and accountability. It is the only method to observe, document, record and detect inappropriate behavior when access is always initiated remotely. While other techniques can monitor other protocols or API-based access to the cloud, only session monitoring can capture the real-time behavior of interactive users and their interactions. And, if the users know they are being recorded (or shoulder surfed electronically), the deterrent alone may be enough to curb some malicious behavior or even innocent snooping.”

To reiterate, session monitoring and management is an essential cybersecurity capability for cloud environments that natively, is either not provided, or provided only in an immature, rudimentary form that is far out-classed by the modern solutions provided by third-party vendors, such as BeyondTrust.

The best of the third-party solutions can enable organizations to monitor and manage sessions at the scale the cloud demands—meaning hundreds or thousands of concurrent sessions. With cloud session monitoring, all text on the screen and keystrokes are recorded (excluding passwords) and inspected in real-time for critical pattern matches. Automated workflows can enable your solution to pinpoint an anomalous session and terminate it, or pause/lock the session until a determination is made whether or not that activity is appropriate. BeyondTrust also provides a critical list out-of-the-box for governing database commands, lateral movement, sensitive operating system commands, and other suspicious behavior.

Aside from security, session monitoring and management is important to have for your cloud environment because regulatory compliance mandates are increasingly requiring that certain types of sessions—such as privileged sessions on sensitive systems, have full auditability (logging, activity monitoring, etc.). Session monitoring provides the future documentation needed to review, analyze and determine if the session was authorized, contained malicious behavior, and was appropriately conducted

Here’s an abridged list of some key ways BeyondTrust solutions can help secure your cloud environment:

  • Manage privileged access and enforce least privilege. Also, enables you to leverage native access control lists to secure remote access sessions from being initiated from inappropriate sources and users
  • Monitor and manage cloud sessions and privileged activities
  • Perform file integrity monitoring to ensure files are not tampered with, and to identify and alert any rogue activities
  • Manage cloud IAM accounts to ensure access and credential rotation is adhered to in accordance to security policies
  • Manage access to business assets that leverage web-based management consoles, including for Amazon Web Services, Azure, Google Cloud, VMware vSphere, Citrix XenServer, Microsoft Hyper-V, Microsoft Azure, IBM Softlayer, and Rackspace.
  • Inventory and assess Amazon®, GoGrid®, IBM®, Rackspace®, VMware® and other cloud environments to discover assets (including IoT) and identify, prioritize, and remediate misconfigurations and other vulnerabilities.

Recent, negative publicity around cloud-related security incidents will incite many organizations to take a healthy pause and (smartly) review their cloud security policies and technologies. However, organizations that correctly scope their cloud deployments and identify and address gaps with enterprise-class tools will continue to reap the many benefits of the Cloud.

For a more in-depth overview and technical dive into how session monitoring/management can uniquely prevent and mitigate breaches in the Cloud, check out Morey Haber’s Forbes article here.

Related Reading

How to Use Privileged Access Management for Security Breach Remediation

Cloud Security Best Practices

Secrets Management Overview & 7 Best Practices

DevOps Security Best Practices

8 Steps to Reduce Remote Access Security Risks & Tighten Control Over Vendor Access

Matt Miller, Senior Content Marketing Manager, BeyondTrust

Matt Miller is a Senior Content Marketing Manager at BeyondTrust. Prior to BeyondTrust, he developed and executed marketing strategies on cyber security and cloud technologies in roles at Accelerite (a business unit of Persistent Systems), WatchGuard Technologies, and Microsoft. Earlier in his career Matt held various roles in IR, marketing, and corporate communications in the biotech / biopharmaceutical industry. His experience and interests traverse cyber security, cloud / virtualization, IoT, economics, information governance, and risk management. He is also an avid homebrewer (working toward his Black Belt in beer) and writer.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

KuppingerCole Executive Review - BeyondTrust Endpoint Privilege Management

Webcasts

Tech Talk Tuesday: Managing Vendor Access

Webcasts

Ransomware in 2021: How to Strengthen and Fund Your Cyber Protection Measures

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.