According to a report, many enterprises do not know how many machine identities they have; the study found "45 times more machine identities than humans," most of them undocumented, as noted in a VentureBeat analysis. In our case, I think we had hundreds of these identities, more than we realized.
Cloud identity sprawl in the multi-cloud era
This is a new battleground in cloud security. We hear a lot about threats such as phishing and ransomware, but a more insidious risk is growing: machine identity sprawl. In a multi-cloud environment, the number of credentials for every microservice, virtual machine (VM) and serverless function can quickly get out of control. We found ourselves managing half a dozen IAM systems without a unified view. In one cloud, a role like "Etl-Service" was doing the same job as "Etl-Worker" in another, and we struggled to keep track of the duplicates.
It was easy to make mistakes. In our rush to deploy, we gave broad administrator rights to many service accounts, planning to narrow them later. The data are clear: in its 2024 Top Threats report, the Cloud Security Alliance ranked IAM as the number one concern, and that covers both human and machine accounts. In practice, a stolen or abused machine identity lets an attacker move laterally, because workloads are expected to trust each other.
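One way to start building the unified view that the two paragraphs above say was missing, as an added example that is not code from the original post: a script that takes a normalised inventory of machine identities and flags (a) identities holding admin-like wildcard rights, the "narrow it later" accounts, and (b) roles in different clouds whose permission footprints are identical even though their names differ, like the Etl-Service / Etl-Worker pair. The inventory shape, the sample entries, the action-to-capability table and the admin heuristic are all assumptions constructed for this example; a real run would pull identities from each provider's IAM API and need a much larger mapping table.

```python
"""Audit a cross-cloud inventory of machine identities for two problems:
service accounts with admin-like rights, and roles in different clouds
that do the same job under different names.

Everything below (inventory shape, sample entries, capability mapping,
admin heuristic) is constructed for this example and is not the
original author's tooling or any provider's API."""
from collections import defaultdict

# Constructed sample inventory: one entry per machine identity, carrying the
# provider, the identity name and the raw actions granted to it in that
# provider's own action syntax.
INVENTORY = [
    {"cloud": "aws", "name": "etl-service",
     "actions": ["s3:GetObject", "s3:PutObject", "glue:StartJobRun"]},
    {"cloud": "gcp", "name": "etl-worker",
     "actions": ["storage.objects.get", "storage.objects.create",
                 "dataflow.jobs.create"]},
    {"cloud": "aws", "name": "ci-deployer",
     "actions": ["*"]},  # the classic "we'll narrow it later" grant
    {"cloud": "azure", "name": "thumbnailer-sp",
     "actions": ["Microsoft.Storage/storageAccounts/blobServices/"
                 "containers/blobs/read"]},
    {"cloud": "gcp", "name": "thumbnailer",
     "actions": ["storage.objects.get", "iam.serviceAccounts.actAs"]},
]

# Constructed mapping from provider-specific actions to a coarse,
# provider-neutral capability (family, verb).  Unmapped actions are kept
# as opaque capabilities so they still count when footprints are compared.
CAPABILITY = {
    "s3:GetObject": ("storage", "read"),
    "s3:PutObject": ("storage", "write"),
    "glue:StartJobRun": ("batch", "run"),
    "storage.objects.get": ("storage", "read"),
    "storage.objects.create": ("storage", "write"),
    "dataflow.jobs.create": ("batch", "run"),
    "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read":
        ("storage", "read"),
    "iam.serviceAccounts.actAs": ("identity", "impersonate"),
}

# Wildcards over an identity/authorization service are treated as admin,
# since the holder can grant itself anything else.  Heuristic, not complete.
ADMIN_PREFIXES = ("iam:", "sts:", "iam.", "resourcemanager.",
                  "Microsoft.Authorization/")


def is_admin_like(actions):
    """True if the action list grants admin-equivalent power."""
    for action in actions:
        if action == "*":
            return True
        if action.endswith("*") and action.startswith(ADMIN_PREFIXES):
            return True
    return False


def footprint(actions):
    """Normalise an action list into a provider-neutral capability set."""
    return frozenset(CAPABILITY.get(a, ("unmapped", a)) for a in actions)


def find_admin_identities(inventory):
    """Return 'cloud/name' for every identity with admin-like rights."""
    return sorted(f"{e['cloud']}/{e['name']}"
                  for e in inventory if is_admin_like(e["actions"]))


def find_cross_cloud_duplicates(inventory):
    """Group identities by capability footprint and return the groups that
    span more than one cloud: the same job done under different names."""
    groups = defaultdict(list)
    for e in inventory:
        if is_admin_like(e["actions"]):
            continue  # admin grants match everything; reported separately
        groups[footprint(e["actions"])].append(e)
    duplicates = []
    for members in groups.values():
        if len({m["cloud"] for m in members}) > 1:
            duplicates.append(sorted(f"{m['cloud']}/{m['name']}"
                                     for m in members))
    return sorted(duplicates)


if __name__ == "__main__":
    print("admin-like identities:", find_admin_identities(INVENTORY))
    print("cross-cloud duplicates:", find_cross_cloud_duplicates(INVENTORY))
```

Comparing normalised footprints rather than names is what makes the check useful: the two thumbnailer identities share a name stem but are not reported as duplicates, because the GCP one also carries an impersonation right, while etl-service and etl-worker are reported despite their different names. The admin check runs first so that a `*` grant does not collide with every other footprint.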