Helping organizations strengthen cloud security and Zero Trust
At Microsoft, we are committed to supporting organizations in their digital transformation and helping them to deliver secure and seamless experiences. Since IT modernization often spans multiple clouds, cloud security and identity are top of mind for most of our customers. Modern identity security needs to protect all users and resources consistently across multi-cloud and hybrid cloud environments. Today, Microsoft is taking a significant step toward this goal with the acquisition of CloudKnox Security, a leader in Cloud Infrastructure Entitlement Management (CIEM). CloudKnox offers complete visibility into privileged access. It helps organizations right-size permissions and consistently enforce least-privilege principles to reduce risk, and it employs continuous analytics to help prevent security breaches and ensure compliance. This strengthens our comprehensive approach to cloud security.
As organizations adapt to hybrid work and more and more cloud services are deployed, new service entities that collaborate and exchange data without human interaction, such as virtual machines and containers, are proliferating. The growth of these service accounts and identities and their increasing volumes of permissions, privileges and entitlements exposes organizations to new attack vectors. Left in blind spots or uncontrolled, these permissions leave business critical systems open to infiltration and disruption. High-profile breaches demonstrate how quickly bad actors can move laterally by exploiting misappropriated privileged credentials.
While organizations are reaping the benefits of cloud adoption, they still struggle to assess, prevent, enforce and govern privileged access across hybrid and multi-cloud environments. Even if they piece multiple siloed systems together, they still get an incomplete view of privileged access. Traditional Privileged Access Management and Identity Governance and Administration solutions are well suited for on-premises environments, however they fall short of providing the necessary end-to-end visibility for multi-cloud entitlements and permissions. Neither do they provide consistent identity lifecycle management or governance in multi-cloud and cloud-native environments.
In January, when I shared the five identity priorities for 2021, I stressed the importance of a Zero Trust security approach that verifies explicitly, grants least privileged access and always assumes breach — with identity as your first line of defense. As the corporate network perimeter disappears, it’s crucial to establish a strong cloud identity foundation, so you can enforce least privileged access to protect business-critical systems while improving business agility. We’re committed to making it easier to enforce least privileged access for all user and workload identities.
The acquisition of CloudKnox further enables Microsoft Azure Active Directory customers with granular visibility, continuous monitoring and automated remediation for hybrid and multi-cloud permissions. We are committed to providing our customers with unified privileged access management, identity governance and entitlement management including:
- Automated and simplified access policy enforcement in one integrated multi-cloud platform for all human and workload identities.
- The widest breadth of signal-enabling, high-precision machine learning-based anomaly detections.
- Seamless integration with other Microsoft cloud security services, including Microsoft 365 Defender, Azure Defender and Azure Sentinel.
Our acquisition of CloudKnox, like our recent acquisition announcements on RiskIQ and ReFirm Labs, shows our focus and execution in acquiring, integrating and expanding the strongest defenses for our customers — from chip to cloud — backed by more than 3,500 defenders at Microsoft and the more than 8 trillion security signals we process every day. Microsoft is uniquely positioned to help empower and defend the future of hybrid work and multi-cloud environments, providing essential visibility, control and monitoring Zero Trust demands.
We’re excited to bring the CloudKnox team and technology to Microsoft and our joint customers and look forward to their contributions. We’ll share more information as we integrate CloudKnox with Microsoft’s identity, security and compliance solutions.