Jamal Bihya, Author at Gigaom https://gigaom.com/author/jamalbihya/ Your industry partner in emerging technology research Fri, 22 Mar 2024 19:57:58 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.3 CIEM: Bridging the Gap Between IAM and Cloud Security https://gigaom.com/2024/03/22/ciem-bridging-the-gap-between-iam-and-cloud-security/ Fri, 22 Mar 2024 19:57:58 +0000 https://gigaom.com/?p=1029629 The cloud-first strategy is no longer in its infancy. This wave of change has impacted and continues to disrupt the entire traditional

The post CIEM: Bridging the Gap Between IAM and Cloud Security appeared first on Gigaom.

]]>
The cloud-first strategy is no longer in its infancy. This wave of change has impacted and continues to disrupt the entire traditional hosting paradigm, commonly referred to as on-premises IT services within the enterprise. There is no category in IT or networking systems that has escaped this seismic shift. In this article, we will focus on the impact of the cloud-first transformation strategy on the field of identity and access management (IAM).

Why CIEM Came into Existence

In the world of on-premises storage and computing, most accounts accessing enterprise systems are attached to human entities. Solutions have been developed to ensure good governance of these identities and their access privileges during their lifecycle in the enterprise. After a relatively short time, companies that have adopted IAM solutions have been able to control who has access to what and for what reason.

Then cloud hosting and computing arrived with promises of reducing the acquisition, operation, and maintenance costs of enterprise IT systems. Cloud hosting and computing also promised gains in operational agility and flexibility of IT tools. This promise, of course, is real and the gains are indeed achievable. However, the concepts of identity, entitlement, and privileges inherent in the cloud are no longer the same as they are for on-premises infrastructure.

In 2020, the term cloud infrastructure entitlement management (CIEM) appeared for the first time. CIEM, as a concept, has emerged to address all the new use cases specific to cloud computing. Some might consider CIEM as the natural extension of IAM into the cloud. But CIEM helps organizations to contend with the growing number of non-human identities, whether they are internet of things (IoT) object machines or software acting in the cloud, as well as ephemeral identities that require rights and access only for short periods. Additionally, CIEM solutions help reconcile the actions of these different types of identities across the various cloud platforms of the enterprise, as each cloud service provider (CSP) has its own vision of IAM in its platform.

Who Provides CIEM Solutions

There are three main categories of CIEM solution providers:

  1. Vendors focused on CIEM: These are CIEM native companies that develop a solution addressing the problems or blind spots of IAM in the cloud. Usually, they offer their CIEM solution as a component of cloud-native application protection platform (CNAPP) or a cloud identity security platform.
  2. Vendors focused on cloud security platforms: These are usually companies that already offer a set of cloud security components, such as cloud security posture management (CSPM), cloud workload protection platform (CWPP), and/or infrastructure as code (IaC), and want to add CIEM to their platform.
  3. Vendors focused on IAM: Usually, these IAM solution providers are well-established in the on-premises market. Their entry into CIEM, an extension of IAM into cloud computing, should, to a certain extent, be a natural and expected move.

The market is still young in terms of both CIEM solution providers and CIEM functionalities themselves. Regarding CIEM solution providers, consolidations are underway, notably precipitated by the move of CIEM-centric companies into the realm of larger and more diversified IT players.

Purchase Considerations

When considering a CIEM solution, several important factors should be kept in mind:

  • Scope and coverage: Look for solutions that cover all relevant cloud services and platforms your organization uses or plans to use to ensure visibility into identities and their access in multicloud environments. Additionally, look for solutions that can detect gaps and anomalies in cloud access and provide remediation of gaps.
  • Integration: The solution should integrate seamlessly with your existing cloud infrastructure, identity management systems, and other relevant tools.
  • Security and compliance: Ensure the solution meets your organization’s security and compliance requirements, including data encryption, access controls, and audit capabilities.
  • Ease of use: Look for a solution that is user-friendly and easy to deploy, manage, and maintain.
  • Scalability: Choose a solution that can scale with your organization’s growth and changing needs.
  • Cost: Consider the total cost of ownership, including initial setup costs, licensing fees, and ongoing maintenance costs.
  • Vendor reputation and support: Select a vendor with a strong reputation for customer support and a track record of delivering reliable solutions.
  • Future proofing: Look for a solution that can adapt to evolving cloud technologies and security threats.
  • User feedback and reviews: Consider feedback from other users and industry experts to gauge the solution’s effectiveness and reliability.
  • Customization and flexibility: Ensure the solution can be customized to meet your organization’s specific needs and workflows.

Next Steps

To learn more, take a look at GigaOm’s CIEM Key Criteria and Radar reports. These reports provide a comprehensive overview of the market, outline the criteria you’ll want to consider in a purchase decision, and evaluate how a number of vendors perform against those decision criteria.

If you’re not yet a GigaOm subscriber, you can access the research using a free trial.

The post CIEM: Bridging the Gap Between IAM and Cloud Security appeared first on Gigaom.

]]>
GigaOm Radar for Cloud Infrastructure Entitlement Management (CIEM) https://gigaom.com/report/gigaom-radar-for-cloud-infrastructure-entitlement-management-ciem/ Wed, 20 Mar 2024 15:00:18 +0000 https://gigaom.com/?post_type=go-report&p=1029230/ Cloud infrastructure and endpoint management (CIEM) solutions enable organizations to efficiently manage and secure their cloud infrastructure as well as the endpoints

The post GigaOm Radar for Cloud Infrastructure Entitlement Management (CIEM) appeared first on Gigaom.

]]>
Cloud infrastructure and endpoint management (CIEM) solutions enable organizations to efficiently manage and secure their cloud infrastructure as well as the endpoints (devices) that connect to it. CIEM solutions provide capabilities such as asset discovery, configuration management, compliance monitoring, and threat detection and response.

CIEM is essential for organizations looking to optimize their cloud operations, enhance their security posture, and ensure compliance with regulations. With the increasing complexity of cloud environments and the growing number of endpoints, and the proliferation of all sorts of identities in the context of the cloud, CIEM solutions help organizations streamline management tasks, improve visibility and control, and mitigate security risks.

CIEM solutions are primarily targeted at IT and security teams within organizations of all sizes, from small businesses to large enterprises. These teams manage and secure the organization’s cloud infrastructure and endpoints, and CIEM solutions provide them with the tools and capabilities needed to effectively perform these tasks.

The business imperatives to which C-Suites are sensitive should help them consider adding CIEM to the company’s cloud security battery include:

  • Operational efficiency: CIEM enables organizations to automate manual tasks, reduce complexity, and improve overall efficiency in managing their cloud infrastructure and endpoints. This can result in cost savings and improved productivity.
  • Security enhancement: CIEM helps organizations enhance their security posture by providing real-time visibility into their cloud environment and endpoints, as well as the ability to detect and respond to security threats quickly and effectively.
  • Compliance assurance: CIEM solutions help organizations ensure compliance with industry regulations and internal policies by providing continuous monitoring and reporting capabilities.
  • Risk mitigation: By proactively identifying and addressing security risks and compliance issues, CIEM solutions help organizations mitigate the potential impact of security breaches and compliance violations.
  • Business continuity: CIEM solutions help ensure business continuity by providing robust backup and recovery capabilities for cloud-based data and applications, reducing the risk of data loss and downtime.

This is our first year evaluating the CIEM space in the context of our Key Criteria and Radar reports. This GigaOm Radar report examines 10 of the top CIEM solutions and compares offerings against the capabilities (table stakes, key features, and emerging features) and nonfunctional requirements (business criteria) outlined in the companion Key Criteria report. Together, these reports provide an overview of the market, identify leading CIEM offerings, and help decision-makers evaluate these solutions so they can make a more informed investment decision.

GIGAOM KEY CRITERIA AND RADAR REPORTS

The GigaOm Key Criteria report provides a detailed decision framework for IT and executive leadership assessing enterprise technologies. Each report defines relevant functional and nonfunctional aspects of solutions in a sector. The Key Criteria report informs the GigaOm Radar report, which provides a forward-looking assessment of vendor solutions in the sector.

The post GigaOm Radar for Cloud Infrastructure Entitlement Management (CIEM) appeared first on Gigaom.

]]>
GigaOm Key Criteria for Evaluating Cloud Infrastructure Entitlement Management (CIEM) Solutions https://gigaom.com/report/gigaom-key-criteria-for-evaluating-cloud-infrastructure-entitlement-management-ciem-solutions/ Fri, 08 Mar 2024 18:13:33 +0000 https://gigaom.com/?post_type=go-report&p=1029060/ In the on-premises world, organizations can achieve total control over their information assets. Their business objectives are served by technological tools that

The post GigaOm Key Criteria for Evaluating Cloud Infrastructure Entitlement Management (CIEM) Solutions appeared first on Gigaom.

]]>
In the on-premises world, organizations can achieve total control over their information assets. Their business objectives are served by technological tools that are protected by a battery of mature, adapted, and proven security systems. However, the on-premises world lacks operational flexibility, is difficult to scale, and is expensive to operate. Over time, these disadvantages end up weighing on the bottom line.

With the arrival of cloud computing, organizations have seen gains in budgetary efficiency, operational agility, and the ability to refocus on their core business—hence, the cloud-first strategy orientation of most organizations in recent years.

When executing a cloud-first strategy, though, organizations quickly faced the challenges of securing information assets in the cloud. What worked well within a company’s physical perimeter did not adapt to the cloud, particularly in the field of identity and access management (IAM). Issues include:

  • Loss of visibility into corporate identities and resources.
  • Loss of control over who has access to what and for what reason.
  • Difficulty identifying roles, excessive permissions, and unusual behavior.
  • The dynamic nature of cloud computing coupled with new practices such as infrastructure as code (IaC), DevOps, and the arrival of IoT. These bring with them new types of identities that are created or deleted on the fly and rights that are granted or revoked at any time, all outside the controls of traditional IAM systems.

For some time now, there have been many specialized products on the market aimed at securing developments and operations in the cloud environment. The IAM field has remained a bit behind, and none of the existing cloud security products, such as cloud access security brokers (CASB), cloud security posture management (CSPM), cloud workload protection programs (CWPP), or others comprehensively meet the requirements of cloud IAM.

In 2020, cloud infrastructure entitlement management, or CIEM, emerged to help organizations monitor and manage cloud infrastructure access entitlement by applying the principle of least privilege when creating, deploying, using, and managing cloud infrastructure services. With CIEM, organizations gain greater control over their cloud environments, minimize security risks, and protect valuable data and resources.

Business Imperative
As the cloud environment of most organizations becomes increasingly complex, it becomes more and more difficult to manually manage access. Organizations can have millions of permissions extended to users, entities, and systems on multiple clouds all over the world. Without effective management, this can lead to significant security risks, making it more likely that some account somewhere will be compromised. However, older security solutions are not able to address modern issues of identity and access management.

In contrast, CIEM solutions include comprehensive entitlement visibility, integration with existing security tools, customizable reporting and dashboards, and the ability to tailor permissions that are appropriate to a particular entity at a particular time. CIEM enables organizations to visualize all of the entities—human or otherwise—that require access, determine what kind of rights are needed, and accord them as needed.

Sector Adoption Score
To help executives and decision-makers assess the potential impact and value of a CIEM solution deployment to the business, this GigaOm Key Criteria report provides a structured assessment of the sector across five factors: benefit, maturity, urgency, impact, and effort. By scoring each factor based on how strongly it compels or deters adoption of a CIEM solution, we provide an overall Sector Adoption Score (Figure 1) of 3 out of 5, with 5 indicating the strongest possible recommendation to adopt. This indicates that a CIEM solution is a credible candidate for deployment and worthy of thoughtful consideration.

The factors contributing to the Sector Adoption Score for CIEM are explained in more detail in the Sector Brief section that follows.

Key Criteria for Evaluating CIEM Solutions

Sector Adoption Score

1.0