A field guide to bad permissions part 2: expired permissions
The increasing scale and complexity of identity security due to cloud migration has led to the need for new approaches to manage risky permissions. Expired permissions are one such issue that arises when necessary permissions granted to employees or service accounts are not revoked after their purpose is fulfilled. This can happen because IAM teams prioritize urgent work over removing access no longer needed, and it's difficult to recognize expired permissions without full context. To fix this problem, organizations need to create a culture of access removal and continuously monitor for bad permissions using tools like Veza's Authorization Graph.
Company
Veza
Date published
Nov. 30, 2023
Author(s)
Kale Bogdanovs
Word count
1219
Language
English
Hacker News points
None found.