How to Implement User-based Controls for Cybersecurity

More and more enterprises have moved their infrastructure and operations to the cloud than ever before. Along with these changes, we have also seen a significant change in enterprise security posture and use of technology. However, what does that change look like? How have security teams kept up with the change? Just what is the state of cloud security in the enterprise?

InfoSec pros have their work cut out for them—with the need to secure an estimated 300 billion passwords by 2020. Privileged password management, in particular, is a pain point for almost every organization. Privileged credentials are often difficult to identify, challenging to tame and properly secure, and if done improperly, can be costly to manage. Without strong privileged password management processes and technology in place, your organization is ripe for all kinds of security breaches. In many industries, lack of the proper protections in place alone puts you at risk from legal and/or regulatory fallout.

Understanding your complex cloud environment is tricky. Workloads, containers, and serverless functions are added and removed constantly. Vulnerabilities are endless. Security staff is in short supply. But here’s the reality: cloud security is built in incremental steps. And process improvement involves multiple stakeholders — not just security teams.

Dr. James Stanger, CompTIA's Chief Technology Evangelist, has consulted with corporations, governments and learning institutions worldwide about cybersecurity, open source, network administration and help desk management for over 20 years. Organizations he has worked with include RSA, IBM, NTT Japan, Symantec, the Scottish Qualifications Authority (SQA), the US Department of Defense (DoD), the United Arab Emirates Cultural Division, the US Department of State, Meisei University, and General Dynamics.