Permissions Management is a cloud infrastructure entitlement management (CIEM) solution that provides comprehensive visibility into permissions assigned to all identities. For example, over-privileged workload and user identities, actions, and resources across multi-cloud infrastructures in Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP).
Permissions Management detects, automatically right-sizes, and continuously monitors unused and excessive permissions.
Organizations have to consider permissions management as a central piece of their Zero Trust security to implement least privilege access across their entire infrastructure:
Organizations are increasingly adopting multi-cloud strategy and are struggling with the lack of visibility and the increasing complexity of managing access permissions.
With the proliferation of identities and cloud services, the number of high-risk cloud permissions is exploding, expanding the attack surface for organizations.
IT security teams are under increased pressure to ensure access to their expanding cloud estate is secure and compliant.
The inconsistency of cloud providers' native access management models makes it even more complex for Security and Identity to manage permissions and enforce least privilege access policies across their entire environment.
Key use cases
Permissions Management allows customers to address three key use cases: discover, remediate, and monitor.
Permissions Management has been designed in such a way that we recommended your organization sequentially 'step-through' each of the below phases in order to gain insights into permissions across the organization. This is because you generally cannot action what is yet to be discovered, likewise you cannot continually evaluate what is yet to be remediated.
Discover
Customers can assess permission risks by evaluating the gap between permissions granted and permissions used.
Cross-cloud permissions discovery: Granular and normalized metrics for key cloud platforms: AWS, Azure, and GCP.
Permission Creep Index (PCI): An aggregated metric that periodically evaluates the level of risk associated with the number of unused or excessive permissions across your identities and resources. It measures how much damage identities can cause based on the permissions they have.
Permission usage analytics: Multi-dimensional view of permissions risk for all identities, actions, and resources.
Remediate
Customers can right-size permissions based on usage, grant new permissions on-demand, and automate just-in-time access for cloud resources.
Automated deletion of permissions unused for the past 90 days.
Permissions on-demand: Grant identities permissions on-demand for a time-limited period or an as-needed basis.
Monitor
Customers can detect anomalous activities with machine language-powered (ML-powered) alerts and generate detailed forensic reports.
ML-powered anomaly detections.
Context-rich forensic reports around identities, actions, and resources to support rapid investigation and remediation.
Permissions Management deepens Zero Trust security strategies by augmenting the least privilege access principle, allowing customers to:
Get comprehensive visibility: Discover which identity is doing what, where, and when.
Automate least privilege access: Use access analytics to ensure identities have the right permissions, at the right time.
Unify access policies across infrastructure as a service (IaaS) platforms: Implement consistent security policies across your cloud infrastructure.
Once your organization has explored and implemented the discover, remediation and monitor phases, you have established one of the core pillars of a modern zero-trust security strategy.
Key Capabilities
Cross-Cloud Visibility
Think of visibility as the underpinning of any cybersecurity strategy. In the event that your business has distributed enterprise networks, you end up with a fragmented view of the enterprise. Add static dashboards and scattered information. Then, you end up with a situation where you cannot co-relate logs or flag malicious users and lateral threats. That’s why you need granular visibility and contextual analytics of all activity within your cloud environment.
Microsoft Entra Permissions Management offers comprehensive visibility into privileged access. You get to have 3600 security views with infinite granularity. This helps you identify indicators of compromise (IoCs) ahead of the actual threat. Overall, this cross-cloud visibility helps you simplify compliance and audits for your entire multi-cloud environment.
Automated Remediation
You can download fixes for misconfigured policies and have Entra Permissions Management remediate them on your behalf. What’s more, you should be able to update your policies to address new and evolving risks. Overall, with this automated remediation, you can potentially remediate potential issues in real-time.
Anomaly Detections and Alerts
With Entra Permissions Management, you have an integrated audit and compliance engine that continuously monitors and reports on any anomalies, including vulnerabilities, misconfigurations, and compliance violations. With anomaly detection, you can detect and alert on any anomalous activity. This includes unusual activities, geo-locations, and client types. You could get alerts for these anomalous activities through email or integrated third-party SIEM or SOAR tools.
Detailed Forensic Reports
Entra Permissions Management offers incisive out-of-the-box forensic reports that should help your team get in front of potential risk. You can fully customize these reports to have them meet the specific compliance reporting requirements you need for your business. You have the option of having either scheduled or on-demand reports that can be run and distributed by mail. Altogether, these reports come in handy when making vital business decisions.