Cloud Computing

CIEM tools in demand as organization move to multicloud

CIEM tools are more of a ‘plus-one’ than a standalone, says one Gartner analyst.
article cover

Francis Scialabba

· 3 min read

When companies turn to a combination of AWS, Azure, or GCP, cloud confusion can commence. Like a snowflake—the ice crystal, not the data company—no two clouds are the same.

“The controls are a little bit different, and how you do things is a little bit different. So, it tends to create problems for how you standardize…and how you allocate permissions,” said Michael Kelley, senior research director at Gartner.

Cloud infrastructure entitlement management (CIEM) uses time controls, analytics, and machine learning to manage access risks and detect anomalies, like too many privileges. In short, CIEM tools provide visibility into who has access to what.

The cloud entitlement technology, considered effective and in demand by consultancies like Gartner, is increasingly being folded into larger access-control packages.

“These core CIEM tools, CIEM vendors…have been out there doing this for a few years. And then we see other technology areas who are finding that it overlaps what they do,” Kelley told IT Brew.

Misconfiguration aggregation. In 2019, a misconfigured Web Services storage bucket resulted in the compromise of more than 100 million credit applications. Cloud misconfigurations, in fact, led to a number of breaches reported by IBM this year.

Some companies use more than one public cloud, frequently with apps siloed on specific infrastructure services—a potential challenge for companies going digital.

“For each environment, they have to use different tools, trying to both see what’s in their environment, not to mention to then audit and be able to manage their environment,” said Joy Chik, president of the identity and network access division at Microsoft.

Top insights for IT pros

From cybersecurity and big data to software development and gaming, IT Brew delivers the latest news and analysis of trends shaping the IT industry, like only The Brew can.

In addition to CIEM, a number of tools exist to stop cloud misconfigurations.

PAM: Privileged access management tools discover and secure the accounts in an organization that have the highest permissions.

IGA: Identity governance and administration products provide an automated way to define user accounts and access rights for individual users.

CASB: Cloud access security brokers enforce security policies as cloud-based resources are accessed.

In October, Microsoft announced an effort that combines a number of access-management and policy features. Its suite, Microsoft Entra Identity Governance, adds CIEM-style permissions management with automation capabilities that integrate with Microsoft Azure Active Directory.

“You have one place that’s able to track the permissions and access rights,” Chik told IT Brew.

Expect the acquisition. The cloud data-access market looks a bit like the Olympics logo—a lot of overlapping circles. Companies like Solvo perform CIEM. CyberArk conducts PAM and CIEM. Saviynt does all three: IGA, PAM, and CIEM.

Microsoft bought CIEM vendor CloudKnox Security in July of 2021. Expect the consolidation to continue over the next couple of years, said Kelley.

“Maybe it’s a PAM vendor buying a CIEM tool, or it’s a CASB vendor buying a CIEM tool, or it’s maybe a couple of CIEM tools combining. But I think that’s the biggest risk, probably that the standalone market is not long term,” Kelley told IT Brew.—BH

Do you work in IT or have information about your IT department you want to share? Email [email protected] or DM @BillyHurls on Twitter.

Top insights for IT pros

From cybersecurity and big data to software development and gaming, IT Brew delivers the latest news and analysis of trends shaping the IT industry, like only The Brew can.