It’s time to tame the beast.
The Four Pillars of Entitlement
But first, we need to understand the components of an entitlement that can put security at risk. They can be broken down into: entities, identities, permissions and resources.
An entity is just what it sounds like—a person, machine, service or application that needs access.
Identities can be cloud identity systems, on-premises identity systems, SaaS applications, etc. And they’re not always humans; they could be compute resources needed to complete a business function, like an application or a virtual machine using a service identity.
Identities do not necessarily have to belong to users or applications within your organization. We are seeing sharp growth in what we call third-party identities, which belong to vendors that need access to your public cloud infrastructure in order to provide some operational or business value. These can include security vendors, cost optimization vendors, etc.