Ermetic announced that the Ermetic Platform
now enables organizations to automate the process of granting developers and
DevOps teams "Just in Time" (JIT) access to cloud infrastructure
environments. These new capabilities enable users to request, on a self-service
basis, escalation of privileges for a limited time that is customized for their
roles and the functions they must perform.

Cloud infrastructure environments are generally spun up and maintained by
DevOps and development teams through continuous integration/continuous delivery
(CI/CD) pipelines. However, developers occasionally need direct, highly
privileged access to production environments for specific activities that
include debugging critical issues or deploying a service manually. These
all-encompassing access entitlements can introduce significant risk if not
revoked when they are no longer needed, since they would provide an attacker
with the "keys to the kingdom" if a user's credentials are stolen or abused.

Gartner, Inc. recommends: "Embrace privileged access management (PAM)
principles of a least privilege approach to cloud entitlements by using cloud
infrastructure entitlement management (CIEM) to reduce long-standing privileges
and introducing just-in-time (JIT) privilege capabilities."

Traditional PAM and identity governance and administration (IGA) solutions
created for the data center cannot meet the needs of modern cloud-native infrastructures
since they lack the ability to address entitlement granularity and adapt to the
changing nature of cloud-based policies. Ermetic is filling the PAM and IGA
void in the cloud with the first solution that enables organizations to provide
secure and agile JIT access to cloud environments for developers. To ensure a
transparent experience for users, Ermetic also integrates with single sign-on
(SSO) systems.

"Developers need powerful privileges and entitlements to stand up and manage
cloud infrastructures, but these should only be granted in Just in Time
fashion, for a limited time and right sized to avoid excessive permissions,"
said Sivan Krigsman, Chief Product Officer for Ermetic. "Ermetic has delivered
the first cloud-native solution that automates the creation, enforcement and
governance of developer access policies with guardrails and an expiration
date."

The Ermetic JIT Solution provides the following capabilities and benefits:
- Policy definition: enables organizations to define who can access an
environment, what approvals are required, and what entitlements are permitted.
Ermetic's industry-leading CIEM capabilities, which provide full visibility
into permissions in multi-cloud environments, support the creation of very
fine-grained policies
- Self-service workflows: a streamlined interface enables developers to
easily request access, notify approvers and quickly gain authorized access to
required resources
- Automated access control: once access is authorized, Ermetic automatically
grants access to the approved resources for the pre-defined period of time, and
terminates access and revokes permissions once the window has expired
- Auditing and governance: enables security teams to maintain an audit trail
and investigate access activity, including who accessed what and when, who
elevated which permissions and when, what the justification was, who the
approver was, etc.

Availability
The Ermetic Platform with JIT access is available immediately from Ermetic and
its business partners worldwide.