Safely Onboard Users
Identify the minimal access privileges needed for users to do their jobs.
Monitor Identity Usage
- Apply out-of-the-box security policies
Monitor risky configuration & data exposure changes, & deviations from service best practices.
- Monitor risky action by admins
Track enrollment of new admins, admin account changes, & SoD violations by admins.
- Monitor all types of identities
Including human & non-human identities like apps & tokens.
- Classify sensitive files and monitor how they are being shared. Apply enhanced monitoring to external users, data oversharing, & sharing of data with external contractors.
Enforce Least-Privilege Access
- Detect stale identities
Remove unused admin accounts, stale privileged users, & terminated external contractors.
- Right-size over-privileged entitlements and risky permissions
Grant only the exact access needed.
Detect & Respond to Threats
- Prioritize and contextualize alerts
Reduce alert fatigue & investigation times.
- Identify account takeover indicators
e.g suspicious IP addresses, rare countries, impossible travelers, & excessive usage.
- Alert on insider threats using built-in rules
Sharing data with personal accounts, & mass download of corporate resources.
- Detect breach indicators
Changes to admin accounts, deactivation of updates, deletion of logs & audit trails, & encryption of buckets.
Safely Offboard Users
- Uncover stale vendors
Vendors & contractors who have been terminated or otherwise don’t use their access.
- Identify unmanaged local users
i.e. not managed by your identity provider.
- Fully offboard users
Make sure employees & vendors don’t have access to any of your cloud services after they leave.
- Detect, fix, and verify off-boarding gaps