Ermetic announced it will work with the Identity Defined Security Alliance (IDSA), a nonprofit that provides vendor-neutral education and resources to help organizations reduce the risk of a breach by combining identity and security strategies, on initiatives that raise awareness for the need to integrate entitlement and permissions management within cloud security programs.
According to Gartner, by 2023, 75% of cloud security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020. Cloud Infrastructure Entitlement Management is a new product category that uses advanced analytics to monitor and remediate the risk from unnecessary, unused and excessive permissions associated with human and machine accounts across multiclouds.
“Cloud infrastructure entitlement management is an emerging field within identity security that is becoming an urgent concern as companies move more and more sensitive workloads to AWS, Azure, Google and other platforms,” said Julie Smith, Executive Director of the IDSA. “We are pleased to have Ermetic join the IDSA and step up to lead discussions to raise awareness for the need to incorporate entitlement management as part of identity security in the cloud.”
“Monitoring thousands of cloud identities, their entitlements, roles and groups is manually impossible, which creates a large, undefended attack surface,” said Arick Goomanovsky, Chief Business Officer for Ermetic. “We look forward to working with the IDSA and its membership to educate organizations about the need for cloud infrastructure entitlement management, promote the exchange of best practices and the development of standards-based guidelines.”
Ermetic has developed a cloud-native platform that protects identities, access and privileges in cloud infrastructures without sacrificing cost, agility, speed and scale. It fills the void left by cloud security posture management (CSPM), Privileged Access Management (PAM), and Identity Governance and Administration (IGA) solutions, and enables organizations to govern identities, access entitlements and enforce least-privilege policies across multiple cloud provider platforms.