Describe Microsoft Entra Permissions Management
Microsoft Entra Permissions Management is a cloud infrastructure entitlement management (CIEM) product that provides comprehensive visibility and control over permissions for any identity and any resource in Microsoft Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP).
This functionality helps organizations address the Zero Trust principle of least privilege access. Organizations need to consider permissions management as a central piece of their Zero Trust security strategy that includes implementing least privilege access across their entire infrastructure. Some of the key reasons include:
- Organizations are increasingly adopting multicloud strategy and are struggling with the lack of visibility and the increasing complexity of managing access permissions.
- With the proliferation of identities and cloud services, the number of high-risk cloud permissions is exploding, expanding the attack surface for organizations.
- IT security teams are under increased pressure to ensure access to their expanding cloud estate is secure and compliant.
- The inconsistency of cloud providers' native access management models makes it even more complex for security and identity teams to manage permissions and enforce least privilege access policies across their entire environment.
Permissions Management detects, automatically right-sizes (remediates), and continuously monitors unused and excessive permissions.
Permissions Management helps organizations meet least privilege access requirements through discovery across the entire infrastructure, remediation that automatically right-sizes permissions for least privilege access, and continuous monitoring of the entire infrastructure for unused and excessive permissions.
Discover
Customers can assess permission risks by evaluating the gap between permissions granted and permissions used.
- Cross-cloud permissions discovery: Granular and normalized metrics for key cloud platforms: AWS, Azure, and GCP.
- Permission Creep Index (PCI): An aggregated metric that periodically evaluates the level of risk associated with the number of unused or excessive permissions across your identities and resources. It measures how much damage identities can cause based on the permissions they have.
- Permission usage analytics: Multi-dimensional view of permissions risk for all identities, actions, and resources.
Remediate
Customers can right-size permissions based on usage, grant new permissions on-demand, and automate just-in-time access for cloud resources.
- Automated deletion of permissions unused for the past 90 days.
- Permissions on-demand: Grant identities permissions on-demand for a time-limited period or an as-needed basis.
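The Discover and Remediate phases above rest on one measurement: the gap between the permissions an identity holds and the ones it has actually exercised, with anything unused for 90 days as a candidate for removal. The following is an added illustration of that measurement, not code from Microsoft or the Permissions Management product; the PCI formula itself is not published, so the risk weighting here is a simplified stand-in, and the identities, permission names, and usage dates are constructed sample data.

```python
from datetime import date, timedelta

# Constructed sample data (not from the page or the product): the permissions
# granted to each identity, and the date each permission was last seen in use.
# A permission missing from LAST_USED was never observed in use.
GRANTED = {
    "svc-backup": {"storage.read", "storage.write", "kms.decrypt", "iam.update"},
    "dev-alice": {"compute.start", "compute.stop", "storage.read"},
}
LAST_USED = {
    "svc-backup": {"storage.read": date(2024, 6, 1), "storage.write": date(2024, 5, 30)},
    "dev-alice": {"compute.start": date(2024, 3, 1), "storage.read": date(2024, 5, 28)},
}

# Illustrative weights standing in for "how much damage" a permission enables;
# identity- and key-management actions are weighted higher than routine ones.
# This is an assumption for the example, not the product's PCI weighting.
RISK_WEIGHT = {"iam.update": 3, "kms.decrypt": 3}
DEFAULT_WEIGHT = 1

# The page's remediation rule: unused for the past 90 days.
UNUSED_WINDOW = timedelta(days=90)


def unused_permissions(identity, as_of):
    """Granted permissions with no recorded use inside the 90-day window ending at as_of."""
    cutoff = as_of - UNUSED_WINDOW
    recently_used = {
        perm for perm, last in LAST_USED.get(identity, {}).items() if last >= cutoff
    }
    return sorted(GRANTED[identity] - recently_used)


def permission_gap(identity, as_of):
    """Share of granted permissions that are unused: 0.0 means every grant is exercised."""
    granted = GRANTED[identity]
    if not granted:
        return 0.0
    return len(unused_permissions(identity, as_of)) / len(granted)


def unused_risk_score(identity, as_of):
    """Risk-weighted count of unused permissions (the illustrative PCI stand-in)."""
    return sum(RISK_WEIGHT.get(p, DEFAULT_WEIGHT) for p in unused_permissions(identity, as_of))


def right_size(identity, as_of):
    """Return the permission set that remains after removing 90-day-unused grants."""
    return sorted(GRANTED[identity] - set(unused_permissions(identity, as_of)))


def report(as_of):
    """One row per identity: what would be removed, the gap ratio, and the risk score."""
    return {
        identity: {
            "unused": unused_permissions(identity, as_of),
            "gap": round(permission_gap(identity, as_of), 2),
            "risk": unused_risk_score(identity, as_of),
            "keep": right_size(identity, as_of),
        }
        for identity in GRANTED
    }


if __name__ == "__main__":
    for identity, row in report(date(2024, 6, 2)).items():
        print(f"{identity}: remove {row['unused']} (gap {row['gap']}, risk {row['risk']}); keep {row['keep']}")
```

Run as-is, the report flags the two never-used high-impact grants on svc-backup and the stale compute permissions on dev-alice, while leaving the recently exercised permissions in place. In practice the usage dates come from each cloud's activity logs (CloudTrail, Azure Activity Log, GCP audit logs), which is why the page stresses normalized, cross-cloud discovery before any automated removal.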
Monitor
Customers can detect anomalous activities with machine learning-powered (ML-powered) alerts and generate detailed forensic reports.
- ML-powered anomaly detections.
- Context-rich forensic reports around identities, actions, and resources to support rapid investigation and remediation.
Permissions Management deepens Zero Trust security strategies by augmenting the least privilege access principle, allowing customers to:
- Get comprehensive visibility: Discover which identity is doing what, where, and when.
- Automate least privilege access: Use access analytics to ensure identities have the right permissions, at the right time.
- Unify access policies across infrastructure as a service (IaaS) platforms: Implement consistent security policies across your cloud infrastructure.
Once your organization has explored and implemented the discover, remediate, and monitor phases, you've established one of the core pillars of a modern Zero Trust security strategy.