Boarding the Privilege Plane: BeyondTrust in the Clouds

Show Notes for Series 03 Episode 27
This podcast is produced in conjunction with BeyondTrust.
Even relatively modern cybersecurity concepts and access management technologies like PAM are beginning to falter confronted with hybrid- and multi-cloud environments. How can today’s privilege access management cope with multiple SaaS and IaaS apps and services, other than grant or deny blanket access?

We talk to Scott Hesford, the Director of Solutions Engineering, Asia Pacific at BeyondTrust, about applying granularity of privileges to multiple users at scale, and keep on top of it all, too. What could be a simple granting of privileges to a subcontractor for a day, can turn into a gaping cybersecurity hole that can bring an organization to its knees. And BeyondTrust is the company that’s here to help!

We talk about implicit zones, movement through the IT stack to get a day’s work done, and NIST’s airplane analogy for cybersecurity: who can get through to the departures lounge, who can board the plane, and (even) where a user can sit Or, in more direct terms, allowing a subcontractor to restart a service without sudo.

It’s all possible, it just needs the right partner; one with the cybersecurity tooling that’s not out of its depth in a multi-cloud, mobile, cloud-heavy environment.

Read more about BeyondTrust here:
https://www.beyondtrust.com/

The NIST zero trust information we refer to is here:
https://csrc.nist.gov/publications/detail/sp/800-207/final

The US Federal Government directive on Zero Trust can be found here:
https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf

The CISA Zero Trust Maturity Model can be found here:
https://www.cisa.gov/zero-trust-maturity-model

Scott Hesford is on LinkedIn:
https://www.linkedin.com/in/scott-hesford/

Joe “economy class” Green is here:
https://www.linkedin.com/in/josephedwardgreen/