Data security startup Veza believes that security teams must gain granular visibility into human and machine identities throughout the enterprise and their access to data. The company has created an AI and machine learning model engine to build an identity threat graph to highlight the relationship between identities and data access, showing users each identity, what assets they have access to and what actions they can perform. This, in turn, enables security teams to control authorisation and app permissions from a single location, thereby reducing their organisations’ exposure to malicious insiders.
Such proactive approaches are increasingly necessary for US organisations since research indicates that insider threats are common; one in 10 employees, or 9.4%, will exfiltrate data over a six month period, according to Cyberhaven, with customer data being the most common asset leaked. Attackers often use privileged users with access to critical systems or sensitive data, meaning identity management is critical, but Veza’s approach goes further.
The identity-data mapping approach, however, is not necessarily the most viable for all organisations. For cloud-native or hybrid cloud environments, automated mapping can be critical to gaining visibility over human and machine identities that exist in a decentralised environment, while implementing authorisation controls at the data level can also mitigate risks caused by malicious insiders. The decision on whether to incorporate identity management or identity-data mapping should be based on an organisation’s specific needs.
Source link
#Veza #helps #companies #map #data #access #stop #insider #threats
/cdn.vox-cdn.com/uploads/chorus_asset/file/23163829/vtuohy_211029_4963_0013.jpg)
/cdn.vox-cdn.com/uploads/chorus_asset/file/24611290/Screenshot_20230425_213316_01.jpeg)
