Security News > 2024 > March > How much does cloud-based identity expand your attack surface?
We all know using a cloud-based identity provider expands your attack surface, but just how big does that attack surface get? And can we even know for sure?
The first step towards mitigating the expanded attack surface in the cloud is recognizing the risks and potential vulnerabilities of cloud identity providers.
You can select an identity provider that doesn't store your users' network access credentials in the cloud.
For some organizations, the right answer might be to offer secure cloud access to users while keeping identity management on-premises.
IT leaders should prepare for the reality that we probably don't and won't be able to qualify just how much your attack surface grows with cloud-based identity.
Cloud IdPs, while offering scalable access management, can exponentially enlarge organizational attack surfaces, particularly with distributed access points like session tokens.
News URL
https://www.helpnetsecurity.com/2024/03/29/cloud-based-identity-management/
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Embargo ransomware escalates attacks to cloud environments (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools (source)