Entitle Unfurls Cloud Platform to Manage Permissions
Entitle today launched a namesake cloud platform for managing permissions based on specific intervals of predetermined time.
Fresh from raising $15 million in seed funding, Entitle CEO Ron Nissim said the company’s platform makes it possible for departments to grant permissions to access IT resources for a specific period of time without any intervention on the part of a cybersecurity or IT operations teams required.
That approach provides the added benefit of also making it simpler for cybersecurity teams to identify, for example, what files and directories any given user may have been able to access in the event of an incident.
Historically, permissions have been troublesome to manage because they are typically granted by individual departments. IT operations are usually responsible for providing access to IT resources, but in the event of a compromise, most cybersecurity teams have little to no visibility into which users have access to what specific resources. That’s especially problematic when credentials are compromised.
That issue tends to be further exacerbated the longer an employee is employed, because most organizations never reduce access to resources as an employee’s role changes over time. It’s not uncommon for employees to have access to IT resources that no longer have anything to do with their current role in the organization.
The Entitle approach requires organizations to only grant access to IT resources for a limited amount of time. This capability eliminates the need for IT operations teams to clean up authorization processes once a year because permission renewals are now managed via a self-service platform, said Nissim.
Identity is, of course, at the root of many cybersecurity issues. There may be no way to eliminate the theft of credentials, but the blast radius of a breach can be limited if the IT resources any given end user has access to are limited, said Nissim. The issue that organizations encounter today is the role-based access to IT resources is not granular enough to meaningfully limit the blast radius of a breach, he noted.
There is, of course, no shortage of exploits for compromising IT environments, but it’s clear cybercriminals make as little effort as possible to achieve their goal. That usually means relying on a phishing attack to gain access to credentials that are used to launch, for example, a ransomware attack. The challenge now is that the cybercriminals that launch these attacks are now gaining access to generative artificial intelligence (AI) platforms that make it possible to launch even more sophisticated attacks at scale that are difficult to detect. Unless organizations find ways to limit the scope of those breaches at the very least, the potential for cybersecurity chaos to ensue is considerable.
Regardless of what type of attack is launched, humans remain the weakest link. Cybercriminals will often spend weeks studying the behavior of specific end users before launching an attack. The amount of damage that can be inflicted increases in direct proportion to the amount of time spent tracking an end user. The challenge cybersecurity teams face today is making sure each end user generates the least amount of risk to the business possible.
