A key module of McAfee Cloud Security Platform is our Cloud Identity Manager, which enables organizations to enforce corporate standards for cloud application access. Cloud Identity Manager integrates with the corporation’s enterprise directory to auto-provision and de-provision cloud application accounts. It also integrates with existing corporate identity systems to provide users with SSO for internal and cloud-based applications. In addition, overall application access security is strengthened and the risk of data loss is reduced through policy-based enforcement with strong two-factor authentication for cloud applications.
In the area of user management, OpSource ensures that each individual accessing the cloud environment utilizes a unique set of log-in credentials (which is not always a given in cloud environments). Each user is assigned rolebased access permissions that assign read and write permissions individually to the network, cloud servers, cloud files, and cloud audit reports. In addition, we log each action that is taken in OpSource Cloud and tie it back to the user who performed the action. These logs track changes that take place via our web-based UI, or actions taken via an API call.
We don’t offer any specific identity tools for the cloud. However, we are able to leverage existing tools. There are some interesting identity and access management vendors who are developing some cloud-based identity tools, such as Duo Security and Ping Identity.
Because our xStream Platform isolates a customer’s cloud resources from all others and becomes an extension of their existing environment, any methods used for identity management in the existing infrastructure can be used in the Virtustream xStream infrastructure with very few changes required.
39 Intel IT Center Vendor Round Table | Cloud Security