AuthZed Adds Cloud Edition of Infrastructure Authorization Platform
AuthZed today unfurled a self-service edition of its platform for managing infrastructure authorizations that can be deployed in a cloud computing environment.
Company CEO Jake Moshenko said this AuthZed Cloud option will make it simpler for some organizations to comply with various data sovereignty requirements that may require them to deploy an edition of AuthZed in a specific region.
Rather than having to build and maintain a custom platform for managing infrastructure authorization for each application deployed, AuthZed has been making a case for a centralized cloud service that provides the added benefit of being able to scale up and down as needed, said Moshenko.
Those issues will only be further exacerbated by the rise of artificial intelligence (AI) agents that will require authorizations to access applications, data and services at levels of unprecedented scale, he added. OpenAI, for example, is already making use of AuthZed to help securely manage retrieval augmentation generation (RAG) workflows, noted Moshenko.
Relying on custom-built authorization logic for each application, and soon AI agent, only leads to duplication of effort, inconsistent policies, and fragmented management of access controls that not only slows down development, but also increases the risk of misconfigurations, he added.
A recent Futurum Group survey finds that cloud security is especially challenging because of integration issues (37%), cost management (35%), and misconfigurations (35%), implementing consistent security controls across hybrid/multi-cloud environments (33%) and cloud data protection (32%).
Cybersecurity and IT teams especially struggle to contain credential sprawl, which typically occurs as passwords or keys are reused and shared. Additionally, overprivileged access to IT infrastructure is commonplace so when credentials are compromised the blast radius of a breach winds up being substantial.
Add on top of that a growing attack surface as the use of cloud computing expands, managing authorizations quickly becomes an even bigger challenge.
It’s not clear how much funding will be specially allocated to authorizations, but a Futurum Group report projects cybersecurity spending will increase at a compound annual growth rate (CAGR) of 11.6% from 2024 to 2029 to reach $287.6 billion.
Hopefully, it will become easier for organizations to enforce best practices that ensure least privilege access policies are implemented and maintained. In the meantime, cybersecurity teams would be well advised to review who in their organization has access to which IT infrastructure. From there it should then be simpler to then discover who is authorized to access specific applications and services.
In the meantime, cybersecurity teams should assess the platforms currently used to manage authorizations. The more custom and fragmented they are the greater the chances there will be gaps that cybercriminals already not only know how to easily exploit but will soon be using artificial intelligence (AI) tools to discover. Like it or not, when it comes to securing IT environments in the age of AI it is now a race against time.
