top of page
  • timspriggs

Discover Microsoft Entra Permissions Management

One unique solution to manage the permissions of any identity across multi-cloud infrastructure.”


In previous editions of this newsletter, we had a feature on Entra, (https://www.venture1consulting.com/post/microsoft-entra-security-simplified) as well as Certificate Services and PKI, still very much evident and being delivered to customers today (https://www.venture1consulting.com/post/certificate-services-a-note-from-our-archives-and-the-dark-art-of-pki).


In this edition, we delve deeper into the Entra family and Permissions Management, which extends Zero Trust strategies by strengthening the least privilege access principle,meaning that customers can:

  • Discover what identities are doing, when and where and use automated analytics to ensure they have the right permissions at the right time.

  • Implement consistent security policies across (multiple) infrastructure as a service (IaaS) cloud platforms.


The Challenge

These days, organisations have to consider permissions management as a central component of Zero Trust security, in order to implement least privilege access across their entire infrastructure.


But the increasing adoption of multi-cloud strategies means that organisations are struggling with the lack of visibility and increasing complexity of managing access permissions.


Alongside this, the huge increase in the sheer number of identities and cloud services increases the attack surface for all organisations with the number high-risk cloud permissions growing exponentially.


With increased pressure on IT security teams to ensure secure and compliant access to growing cloud estates, the inconsistency of native access management models complicates matters further for teams trying to manage permissions and least privilege access policies across their entire environment.


The Solution

Microsoft’s Entra Permissions Management system provides for complete visibility of the permissions assigned to all identities. This includes multi-cloud infrastructures in Microsoft Azure, Google Cloud Platform (GCP) and Amazon Web Services (AWS).


This allows organisations to discover, remediate, and monitor risks across an entire cloud infrastructure. Venture 1 recommends that organisations 'step-through' these phases to gain clarity of permissions management across the organisation, as nothing can be actioned until it is discovered, or the success evaluated of what is yet to be remediated!


Discovery phase:

  • Assess risk by evaluating the gap between permissions granted and permissions used.

  • Provide metrics for key cloud platforms: AWS, Azure, and GCP.

  • Establish a PCI (Permission Creep Index) = Measuring how much damage identities can cause based on the permissions they have.

  • Compile views (multi-dimensional) of the permissions risk of all identities, actions and resources.

Remediation phase:

  • “Right-size” permissions based on usage.

  • Give new permissions for a time-limited period, on an “as needed” or “on-demand” basis.

  • Delete of permissions unused for the past 90 days on an automated basis, as well as automating “just-in-time” access.

Monitoring phase:

  • Generate detailed forensic reports and detect unusual activities with ML powered (machine learning-powered) alerts and reports.

  • Support rapid investigation and remediation with context rich reports including identities, actions and resources.

In conclusion, once an organisation has ‘stepped through’ these discovery, remediation and monitoring phases, it will have instituted one of the core pillars of a modern, zero-trust security strategy.


If your organisation would like any help with this, by all means give us a call or contact us here! More information on Entra Permissions Management is also available here; (https://www.microsoft.com/en-gb/security/business/identity-access/microsoft-entra-permissions-management)



Comments


bottom of page