Securing Identities Across Multiple Clouds
Microsoft's Terence Gomes Shares Ways to Manage Access and Security in One Place
Multi-cloud environments pose major challenges to security practitioners who need full visibility of infrastructure and applications. Organizations should unify identity and security controls to monitor the entire threat landscape, says Terence Gomes, country head of Microsoft security in India.
The rapid growth in cloud DevOps and new applications has created a much wider attack surface for IT and security teams, making it more complex to manage permissions and monitor applications. "The teams do not know who has access to what, which applications have been given permissions, which resources have been given permissions," Gomes says. "So the whole adoption of multi-cloud, the identity and permission management, is a bigger challenge than one would have imagined."
Gomes advises several strategies for simplifying environments, such as using cloud-native security controls and monitoring identities and permissions across Microsoft Azure, Amazon Web Services and Google Cloud on a single, real-time "unified console" that aggregates the data.
In this video interview with Information Security Media Group, Gomes discusses:
- Key challenges of managing identities and permissions in multi-cloud environments;
- Strategies for CISOs to gain greater visibility over multiple clouds;
- Microsoft's strategy for managing permissions and security controls across all three major cloud platforms.
Gomes, a 23-year veteran of the Indian IT industry, has spent most of his career advising organizations and partners on how to defend against cybersecurity threats and fraud. He has spoken about cybersecurity and fraud prevention best practices at a variety of events sponsored by the Indian Payment Risk Council, Institute for Development and Research in Banking Technology, Information Systems Audit and Control Association Mumbai Chapter and other organizations.
