Helping organizations strengthen cloud security and Zero Trust

At Microsoft, we are committed to supporting organizations in their digital transformation and helping them to deliver secure and seamless experiences. Since IT modernization often spans multiple clouds, cloud security and identity are top of mind for most of our customers. Modern identity security needs to protect all users and resources consistently across multi-cloud and hybrid cloud environments. Today, Microsoft is taking a significant step toward this goal with the acquisition of CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM). CloudKnox offers complete visibility into privileged access. It helps organizations right-size permissions and consistently enforce least-privilege principles to reduce risk, and it employs continuous analytics to help prevent security breaches and ensure compliance. This strengthens our comprehensive approach to cloud security.

People working in officeMicrosoft acquires CloudKnox to offer unified privileged access and cloud entitlement management.

As organizations adapt to hybrid work and more and more cloud services are deployed, new service entities that collaborate and exchange data without human interaction, such as virtual machines and containers, are proliferating. The growth of these service accounts and identities and their increasing volumes of permissions, privileges and entitlements exposes organizations to new attack vectors. Left in blind spots or uncontrolled, these permissions leave business critical systems open to infiltration and disruption. High-profile breaches demonstrate how quickly bad actors can move laterally by exploiting misappropriated privileged credentials.

While organizations are reaping the benefits of cloud adoption, they still struggle to assess, prevent, enforce and govern privileged access across hybrid and multi-cloud environments. Even if they piece multiple siloed systems together, they still get an incomplete view of privileged access. Traditional Privileged Access Management and Identity Governance and Administration solutions are well suited for on-premises environments, however they fall short of providing the necessary end-to-end visibility for multi-cloud entitlements and permissions. Neither do they provide consistent identity lifecycle management or governance in multi-cloud and cloud-native environments.

In January, when I shared the five identity priorities for 2021, I stressed the importance of a Zero Trust security approach that verifies explicitly,

 » Read More