Cloud Infrastructure Entitlement Management, CIEM (pronounced “kim”), is a cloud-delivered security technology that focuses on reducing risk by controlling and managing access entitlements to and between applications, machines, and service accounts across multicloud and hybrid environments. CIEM solutions perform automated detection, analysis, and mitigation of excessive entitlements to help organizations keep up with evolving protection requirements for cloud-native applications. CIEMs are employed to alert organizations to potential access issues across virtual machines, containers, serverless workloads, and other types of cloud assets and services.

What problems does CIEM solve and why would I need it?

As organizations migrate and run more critical workloads in the cloud, they also increase their attack surface and risk of a data breach. This is primarily because the “shared responsibility model” of public cloud security saddles organizations with the responsibility of controlling access to cloud resources. This reality led Gartner to estimate that by 2023, inadequate identities and privileges management will cause 75% of all cloud security failures.

Identity and access management (IAM) solutions are typically employed to control access for human entities such as users and administrators, but what about the applications, machines, and other services that need to communicate with each other? This is where CIEM solutions are deployed, using discovery, analytics, and machine learning techniques to detect anomalies and misconfigurations in account entitlements. CIEMs can alert organizations to potential security issues such as accumulation of privileges, dormant privileges, and unnecessary entitlements. When deployed and managed properly, CIEM solutions can help to mitigate risk caused by excessive account entitlements that can lead to data breaches, ransomware attacks, and business disruption.
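To make the three alert types above concrete, here is an added example (not code from this article or from any vendor's product) of the core comparison a CIEM performs: it takes the entitlements granted to non-human principals, compares them with the actions those principals actually exercised in an access log, and reports broad grants (privilege accumulation), entitlements unused within a window (dormant privileges), and principals with no activity at all. It then proposes a right-sized grant containing only the actions observed. All principal names, permission strings, the log entries, and the "as-of" date are constructed for the example; a real CIEM would pull this data from provider IAM policies and audit logs.

```python
"""Toy CIEM-style entitlement analysis: granted vs. actually used.

All data here is constructed for illustration. Permission strings mimic
the common "service:Action" shape, and "service:*" stands for a wildcard
grant over every action of that service.
"""
from collections import Counter
from dataclasses import dataclass
from datetime import date, timedelta
from fnmatch import fnmatch

# Date the analysis is run "as of" (constructed).
ASOF = date(2024, 6, 1)

# Constructed: entitlements granted to hypothetical non-human principals.
GRANTED = {
    "svc-billing-etl": {"s3:GetObject", "s3:PutObject", "s3:DeleteBucket", "kms:Decrypt"},
    "vm-web-frontend": {"s3:GetObject", "ec2:*", "iam:PassRole"},
    "sa-legacy-report": {"s3:GetObject", "rds:DescribeDBInstances"},
}

# Constructed access log: (principal, concrete action used, date of use).
USAGE = [
    ("svc-billing-etl", "s3:GetObject", date(2024, 5, 30)),
    ("svc-billing-etl", "s3:PutObject", date(2024, 5, 30)),
    ("svc-billing-etl", "kms:Decrypt", date(2024, 1, 4)),
    ("vm-web-frontend", "s3:GetObject", date(2024, 5, 29)),
    ("vm-web-frontend", "ec2:DescribeInstances", date(2024, 5, 29)),
]

# Grants that count as privilege accumulation on their own (illustrative list).
SENSITIVE = {"iam:PassRole", "iam:CreateAccessKey", "iam:AttachRolePolicy"}


@dataclass
class Finding:
    principal: str
    kind: str          # "broad-grant", "unused", or "dormant-principal"
    permission: str = ""
    detail: str = ""


def is_broad(perm):
    """A full or per-service wildcard, or a known privilege-escalation action."""
    return perm == "*" or perm.endswith(":*") or perm in SENSITIVE


def last_use(principal, usage):
    """Most recent use date of each concrete action for one principal."""
    seen = {}
    for who, action, when in usage:
        if who == principal and (action not in seen or when > seen[action]):
            seen[action] = when
    return seen


def analyze(granted, usage, today=ASOF, dormant_days=90):
    """Return findings for every principal: broad grants, unused grants, dormant principals."""
    findings = []
    cutoff = today - timedelta(days=dormant_days)
    for principal, perms in granted.items():
        used = last_use(principal, usage)
        # Dormant principal: no activity at all inside the window.
        if not any(when >= cutoff for when in used.values()):
            last = max(used.values()).isoformat() if used else "never"
            findings.append(Finding(principal, "dormant-principal", detail=f"last activity: {last}"))
        for perm in sorted(perms):
            if is_broad(perm):
                findings.append(Finding(principal, "broad-grant", perm))
            # Unused grant: no concrete action covered by this grant was used
            # in the window. A wildcard grant is matched against each logged action.
            dates = [when for action, when in used.items() if fnmatch(action, perm)]
            if not dates or max(dates) < cutoff:
                findings.append(Finding(principal, "unused", perm, "not exercised in window"))
    return findings


def least_privilege_policy(principal, usage, today=ASOF, window_days=90):
    """Proposed right-sized grant: exactly the concrete actions observed in the window."""
    cutoff = today - timedelta(days=window_days)
    return sorted(a for a, when in last_use(principal, usage).items() if when >= cutoff)


def summarize(findings):
    """Count findings per kind, e.g. {"unused": 5, "broad-grant": 2, ...}."""
    return dict(Counter(f.kind for f in findings))


if __name__ == "__main__":
    results = analyze(GRANTED, USAGE)
    for f in results:
        print(f"{f.principal:18} {f.kind:18} {f.permission:24} {f.detail}")
    print("summary:", summarize(results))
    for p in GRANTED:
        print(f"right-sized grant for {p}: {least_privilege_policy(p, USAGE)}")
```

The interesting case is `vm-web-frontend`: its `ec2:*` grant is not reported as unused, because one `ec2:` action was exercised, but it is reported as a broad grant, and the proposed right-sized policy shrinks it to the single `ec2:DescribeInstances` action that was actually used. That distinction, "used but far wider than needed" versus "never used", is what separates entitlement management from simple stale-account cleanup.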

How do CIEMs fit with other security solutions?

The need for more robust entitlement management solutions arose from gaps left by traditional identity governance and administration (IGA) tools, privileged access management (PAM) tools, and native-cloud provider tools. While CIEMs typically provide some cloud security posture management (CSPM) capabilities, they specialize in identity controls and account privilege governance.

Recently, CSPM and cloud workload protection platform (CWPP) tools have merged into a new solution category that provides both control plane and data plane security, better known as cloud-native application protection, or CNAPP. Gartner, the inventor of the CNAPP category, calls for the addition of both CIEM and Kubernetes security posture management (KSPM) capabilities to CNAPP.
