Safely Onboard Users
Identify the minimal access privileges needed for users to do their jobs.
Monitor Identity Usage
- Apply out-of-the-box security policies
Monitor risky configuration & data exposure changes, & deviations from service best practices. - Monitor risky action by admins
Track enrollment of new admins, admin account changes, & SoD violations by admins. - Monitor all types of identities
Including human & non-human identities like apps & tokens. - Classify sensitive files and monitor how they are being shared. Apply enhanced monitoring to external users, data oversharing, & sharing of data with external contractors.
Enforce Least-Privilege Access
- Detect stale identities
Remove unused admin accounts, stale privileged users, & terminated external contractors. - Right-size over-privileged entitlements and risky permissions
Grant only the exact access needed.
Detect & Respond to Threats
- Prioritize and contextualize alerts
Reduce alert fatigue & investigation times. - Identify account takeover indicators
e.g suspicious IP addresses, rare countries, impossible travelers, & excessive usage. - Alert on insider threats using built-in rules
Sharing data with personal accounts, & mass download of corporate resources. - Detect breach indicators
Changes to admin accounts, deactivation of updates, deletion of logs & audit trails, & encryption of buckets.
Safely Offboard Users
- Uncover stale vendors
Vendors & contractors who have been terminated or otherwise don’t use their access. - Identify unmanaged local users
i.e. not managed by your identity provider. - Fully offboard users
Make sure employees & vendors don’t have access to any of your cloud services after they leave. - Detect, fix, and verify off-boarding gaps
