Our Voice
What is Cloud Transformation? The Complete Guide
Discover what cloud transformation means, its benefits, and how CWSI helps businesses modernise IT systems and drive innovation through cloud solutions.
Users and workloads accumulate permissions over time as more services move to the cloud. More identities and resources to manage, paired with inconsistent access management models across different public clouds, create increased complexity and a need for more visibility for IT and security teams. Left unused and unmonitored, these permissions become prime targets for attackers or risk areas for human error.
Microsoft Entra Permissions Management has one mission: to provide a single platform to manage permissions for any identity or resource, whether users or workloads, across Microsoft Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP). Entra Permissions Management continuously monitors activity and behaviour to identify and assess risks and provide visibility.
Discover what resources every identity is accessing across all your public cloud platforms.
Use usage analytics to ensure identities have the right permissions at the right time.
When utilised properly, Entra allows users to unify cloud access policies with ease.
Implement consistent security policies across your cloud infrastructure.
Microsoft Entra is Cloud Infrastructure Entitlement Management (CIEM) software, used to manage users' permissions to access cloud resources across an organisation. With Microsoft Entra, you can securely and remotely sign in and access cloud resources.
Once the initial setup process is complete, Permissions Management begins to surface important insights across various areas. Response actions become available that let you remove unused permissions, so your team can continue working without important operations being affected.
The Analytics section lets you search and filter detected events across multiple resources. Results display the PCI (Permission Creep Index) for each object, alongside a breakdown of how the score was calculated. A notable feature is the ability to view and edit the specific permissions granted by any given group.
On the Dashboard screen, you’ll find an overview of the overall security posture, with each service (AWS, Azure, and GCP) displayed separately. You’ll need to navigate between these services:
Autopilot enables you to create rules for the automatic remediation of access issues related to both users and roles. For instance, you can automatically remove unused AWS roles for service users who have been inactive for the past 90 days.
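The 90-day rule described above, as an added illustration (not CWSI's or Microsoft's code, and not how Autopilot is implemented): a dry-run check over constructed role records shaped like AWS IAM `GetRole` output that flags roles idle for more than 90 days. The sample roles, the handling of never-used roles and the skipping of service-linked roles are assumptions of this example.

```python
from datetime import datetime, timedelta, timezone

INACTIVITY_WINDOW = timedelta(days=90)  # threshold taken from the rule described above

# Constructed sample records, shaped like AWS IAM GetRole output.
SAMPLE_ROLES = [
    {"RoleName": "ci-deploy", "Path": "/", "CreateDate": "2023-01-10T09:00:00+00:00",
     "RoleLastUsed": {"LastUsedDate": "2024-05-28T14:12:00+00:00", "Region": "eu-west-1"}},
    {"RoleName": "legacy-batch", "Path": "/", "CreateDate": "2022-03-02T08:30:00+00:00",
     "RoleLastUsed": {"LastUsedDate": "2023-11-15T02:00:00+00:00", "Region": "eu-west-1"}},
    {"RoleName": "poc-never-used", "Path": "/", "CreateDate": "2023-06-01T10:00:00+00:00",
     "RoleLastUsed": {}},
    {"RoleName": "new-service", "Path": "/", "CreateDate": "2024-05-20T10:00:00+00:00",
     "RoleLastUsed": {}},
    {"RoleName": "AWSServiceRoleForSupport", "Path": "/aws-service-role/support.amazonaws.com/",
     "CreateDate": "2021-01-01T00:00:00+00:00", "RoleLastUsed": {}},
]


def classify_role(role, now):
    """Return (verdict, reason) for one role record."""
    if role["Path"].startswith("/aws-service-role/"):
        return "skip", "service-linked role, managed by the owning AWS service"
    created = datetime.fromisoformat(role["CreateDate"])
    last_used = role.get("RoleLastUsed", {}).get("LastUsedDate")
    if last_used is None:
        # Never used: only flag once the role itself is older than the window.
        if now - created > INACTIVITY_WINDOW:
            return "flag", "never used since creation"
        return "keep", "younger than the inactivity window"
    idle = now - datetime.fromisoformat(last_used)
    if idle > INACTIVITY_WINDOW:
        return "flag", f"idle for {idle.days} days"
    return "keep", f"used {idle.days} days ago"


def unused_roles(roles, now):
    """Names of roles flagged for review, in input order (dry run, nothing is deleted)."""
    return [r["RoleName"] for r in roles if classify_role(r, now)[0] == "flag"]


if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed so the output is reproducible
    for role in SAMPLE_ROLES:
        verdict, reason = classify_role(role, now)
        print(f"{verdict:5} {role['RoleName']:28} {reason}")
```

A role created inside the window with no recorded use is kept rather than flagged, since it has not yet had 90 days in which to be used.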
The remediation screen simplifies the management of permissions across the various resources. From this unified interface, you can configure permissions and roles across your cloud providers.
A particularly useful feature is that you can assign permissions on a scheduled basis, such as granting a user access for specified periods.
The audit allows you to search across the organisation and check whether anything has been added or removed.
The reports enable you to run pre-built and custom permission reports, view them online or download them as CSV files, and access detailed visual dashboards for a clear overview of current issues.
Azure AD, or Azure Active Directory, is a cloud-based identity and access management solution. Microsoft Entra, however, is a hybrid IAM solution that caters to organisations with more complex identity management requirements.
Entra Permissions Management is now available for around $125 per resource, per year.
The supported resources are as follows:
At CWSI, we help clients with Entra delivery by following these 3 steps:
CWSI will establish and configure your trial instance. Once the ID is verified on your Microsoft Entra ID tenant, Entra Permissions Management will start to gather credentials and environment details to set up and run your sample application. Within a few hours of onboarding, Entra Permissions Management will generate a comprehensive Permissions Analytics Report to identify your organisation’s areas of greatest risk, with actionable insights to begin remediation and secure your environment.
From the data gathered, CWSI will generate reports through the system and provide an initial review of the findings. From the review, we will build a plan to lead the next steps. Elements such as Internal Risk, Partner Access, Machine ID and Keys are reviewed. A target security score is assigned, with projects identified to achieve this. Each customer’s plan is unique to their environment.
Once the priority risks have been mitigated, CWSI will help you create a plan to bring a more structured administration program into production as part of a DevSecOps approach. Typically, we will provide a continued escalation and planning program to ensure long-term compliance.
Reach out to us and see for yourself if you are eligible for a workshop. Our team and range of expert services are here to help increase your cybersecurity.