WHITEPAPER
Critical Controls for Modern Cloud Security
2
Executive summary
The cloud makes new levels of speed and scale possible
while freeing people from the time and expense of
on-premise infrastructure so they can focus on critical
projects. With virtual resources supporting you behind
the scenes, you can stop installing and patching servers,
maintaining uptime, and responding to problems at 3 AM.
Instead, moving to the cloud demands that IT operations
and security teams update their skills and practices to
support a new, more efficient way of working.
In a cloud model, managing privileged access to workloads,
services, and applications remains your responsibility, not
the cloud providers'. It's also your responsibility to make
sure data going to and from the cloud (via web browsers,
Email, file exchanges such as STP, APIs, SaaS products, and
streaming protocols) is adequately secured.
Unfortunately, many organizations aren't adequately
implementing and enforcing these policies around this
privileged access.
This paper will show you how Privileged Access
Management (PAM) is a critical control for modern cloud
security. We'll break down the most common cloud use
cases across Infrastructure-as-a-Service (IaaS), Platform-
as-a-Service (PaaS), Software-as-a-Service (SaaS), and
DevOps that are vulnerable to privileged account a acks.
You'll learn how to use PAM to mitigate some of the biggest
vulnerabilities across the cloud a ack surface so you can
realize the promise of the cloud and secure your most
sensitive assets.
1. IDC Survey Report: State of Cloud Security 2021 (h ps://l.ermetic.com/wp-idc-survey-results-2021)
2. h ps://www.gartner.com/smarterwithgartner/is-the-cloud-secure/
The challenge exists not
in the security of the cloud
itself, but in the policies and
technologies for security and
control of the technology. In
nearly all cases, it is the user —
not the cloud provider — who
fails to manage the controls."
→ Gartner Research
2
98%
of companies experienced at least one
cloud data breach in the past 18 months
— up from 79% in the previous period.
60%
of large enterprises cited access
vulnerabilities as the primary root
cause of their cloud data breaches.
1
