3

Identity and Access Management Controls

Identity and access management (IAM) components are key areas to assess for risk and compliance of any system, and this holds especially true for cloud environments where there may no longer be physical controls to mitigate risk and provide a gatekeeping function to critical services and applications. Security breaches within cloud environments are widely acknowledged to be because of cloud misconfigurations, and the ability to configure (or misconfigure) cloud services requires an account with access to those services. Ensuring the appropriate accounts have access to only the resources they need and in the timeframe needed is a principle of the Zero Trust methodology that has grown in adoption as companies ...

Get Cloud Auditing Best Practices now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.