Cybersecurity Insurance Checklist - Meet Insurance Requirements with BeyondTrust PAM Download for Free

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Demos
    • Glossary
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

KuppingerCole Executive Review of Cloud Privilege Broker – A CIEM Solution

February 2, 2022

  • Blog
  • Archive

Recently, analyst research firm KuppingerCole released their Executive Review: Cloud Privilege Broker report, exploring BeyondTrust’s debut into the Cloud Infrastructure Entitlement Management (CIEM) space.

In the report, KuppingerCole says:

“Given the speed at which organizations are moving resources to the cloud, and the lack of rigorous control over the process, BeyondTrust is clever to launch Cloud Privilege Broker into a market that needs to control access to a high number of cloud infrastructures within their organizations. Without a product like Cloud Privilege Broker, businesses will also have to grapple with the proprietary standards and identify tools of different cloud providers. Any product that can work around these standards, streamlining access, and providing risk-based insight into what’s happening in the cloud is welcome.”

This blog shares more insights from KuppingerCole and expands on why a CIEM-based approached is needed to help secure a multicloud world.

Security Consequences of Digital Transformation & Multicloud Environments

As the new normal of remote work continues to drive organizations to accelerate their digital transformation projects, there is an increase in multicloud adoption. Companies understand the benefits of leveraging cloud infrastructure and services for a wide variety of use cases, such as for DevOps processes, artificial intelligence, data capture and analysis, and many other applications. The dynamic nature of the cloud makes organizations more agile and better able to focus on business outcomes—not on managing infrastructure. But as multicloud adoption brings significant benefits, it also creates considerable management and security challenges.

In just a few years, we’ve seen explosive growth in the discreet number of cloud entitlements and permissions. Organizations have gone from managing fewer than 100 permissions in the cloud to an average of 5,000+ in each Cloud Service Provider (like AWS and Azure). Many of these new permissions are provisioned for non-human (machine) identities, supporting automated processes and data level integrations.

The accumulation of permissions generally exceeds the technical and business requirements. This creates a dangerous scenario where the probability of a damaging security or operations incident due to permission misuse—whether intentional or not—increases along with cloud adoption rates.

To make matters worse, permissions are often assigned by default, with little granularity. This means risky misconfigurations are created with ease. In the past year, 36% of companies suffered a serious cloud security incident. The vast majority were due to cloud misconfiguration.

The management of entitlements across multiple clouds is difficult, in part, given the disparate responsibility models from each Cloud Service Provider. It’s highly challenging for most organizations to manage a booming number of cloud accounts or subscriptions, and all the permutations of entitlements, without tools that help centralize and normalize access permissions with intelligence and automation. Expecting a human administrator to do this manually is simply asking for trouble. Cloud Service Providers (CSPs) provide some help and expertise, but only for their unique platform and services, with IAM and policy management tools.

Customers and prospects tell us that, for them, one of the most important factors in effectively managing cloud entitlements is visibility. Most organizations struggle with incomplete visibility and the ability to manage across multicloud environments. This leaves the door open for blind spots that can be exploited by malicious threat actors.

BeyondTrust Solution and KuppingerCole View

Cloud Privilege Broker (CPB) was built from the ground up to provide IT and Cloud teams immediate visibility of permissions and entitlements across multicloud environments. With the continuous discovery of users, roles, groups, and service accounts across multiple cloud platforms, the solution prioritizes a list of critical items that need attention with granular recommendations and guided remediations that are native to each Cloud Service Provider.

In their Executive View report, KuppingerCole positions Cloud Privilege Broker as a timely CIEM solution, well-suited for today’s increasingly complex world of many different cloud deployments. The BeyondTrust solution centralizes the visibility and management of permissions and entitlements, saving teams from the swivel-chair approach of chasing permissions across multiple platforms. The ability to quickly determine permissions-related risk is another factor that helps teams understand their entitlements landscape and take specific steps to mitigate risky situations.

KuppingerCole recognizes Cloud Privilege Broker’s comprehensive discovery process and immediate auto-classification of risk. The solution categorizes the risk of access permissions into high, medium, and low, recommending mitigation steps and significantly aiding any team’s risk management strategy.

Get the KuppingerCole CIEM Report

With powerful cloud-native CIEM tools, like Cloud Privilege Broker, cloud security does not have to be daunting. Customers can gain visibility and rely on built-in intelligence and guided remediation to ensure they’re closing the permissions gaps and keeping the bad guys out.

BeyondTrust is pleased to offer a complimentary copy of the KuppingerCole report Execute View: BeyondTrust Cloud Privilege Broker. Read the full report to gain insights into:

  • New PAM and CIEM security controls built for multicloud environments
  • Applying the principle of least privilege consistently across multiple cloud platforms
  • An evaluation of BeyondTrust Cloud Privilege Broker.


Download the Report Now


Photograph of Alex Leemon

Alex Leemon, Sr. Product Marketing Manager

Alex Leemon is a Sr. Product Marketing Manager at BeyondTrust, focusing on Privileged Password & Session Management and PAM for Cloud security solutions. She has over fifteen years of experience working with enterprise-level and Critical Infrastructure organizations solving safety and security challenges. Before joining BeyondTrust, Alex served in various roles related to the development of operational technology (OT) products and the Industrial Internet of Things (IIoT).

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Up next

From January 31, 2022:
Elasticsearch is Here - Privilege Management for Unix & Linux and Active Directory Bridge 22.1
From February 18, 2022:
Monitor, Log, & Audit Remote Support Activity with BeyondTrust

You May Also Be Interested In:

Whitepapers

KuppingerCole Executive View: Cloud Privilege Broker

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Podcast
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.