Why is CSPM important for your business?

In today’s increasingly sophisticated and fragmented business environment, we are all increasingly interdependent on “other people’s computers.” From Gmail, to Software as a Service (SaaS), to web hosting - we are interconnected in profound and tangled ways.

Cloud Security Posture Management is about securing every place and every way we connect online. As a fast-growing and increasingly critical part of online security CSPM maintains, controls, and secures every site where our corporate assets or personnel rely on externally-hosted software, data, or processes. For example, a retail site using a PayPal hosted payment module needs to secure the connection for customers its own website and on PayPal, without violating the customer’s right to privacy and ensuring that the payment is processed successfully.

The interface between your own identity system (IAM) and the third party site is a vector of attack for hackers, who seek to interpose themselves between your traffic and its cloud destination in search of salable credentials. Robust CSPM is essential for a company seeking to do business online. Customers, partners, and employees need to know that their passwords and identities will not be stolen because the company didn’t invest in an adequate CSPM system.

KeyData for Cloud Security Posture Management

KeyData is an expert and industry leader in the field of CSPM. With our technology partners we can create the bespoke system that’s best for you, your staff, your clients, and your business.

  1. IAM Best Practices: we are recognized for our industry leading IAM/CIAM “Best Practices”, success in complex systems integrations, including cloud integrations, and excellence in customer satisfaction.
  2. CSPM Experience: We understand how to use cloud applications and networks effectively, while limiting security risks leveraging IAM. We have extensive experience implementing the following capabilities to ensure organizations data in the cloud is protected and secure:
    • Authentication: KeyData has implemented strong authentication methods for access to systems and data in the cloud, including Multi-Factor Authentication (MFA), Strong/Single Sign-On (SSO), certificate-based authentication, and other risk-based authentication methods, across multiple clients and based on each client’s unique requirements and business appetite.
    • Authorization: We are well versed in implementing correct authorization workflows to ensure users have the capability to perform only the tasks they are permitted to perform based on their roles at the organization.
    • Access controls: KeyData has extensive experience in implementing coarse- and fine-grained access controls and permissions, to ensure users are correctly using services they are authorized to use, and nothing more.
    • Governance, Risk Management, and Compliance: we have helped numerous organizations manage credentials securely using access control policies and access right delegations.
  3. Complex IAM integrations experience: We have successfully performed multiple complex IAM cloud integrations for clients. We understand the requirements associated with cloud integrations, and how to keep data on the cloud secure, using IAM Best Practices.
Cloud Security Assessment

If it is difficult to assess your organization’s cloud security posture, conducting a cloud security assessment is the first step. KeyData has an excellent track of record in IAM, CIAM, and PAM in cloud environments based on leading practices as well as relevant compliance frameworks. We understand that each organization has different priorities and may follow unique standards depending on the industry. As such, we build our assessments based on relevant frameworks for our clients, including but not limited to the following:

  • National Institute of Standards and Technology (NIST): provides a comprehensive framework for information security controls for both on-prem and cloud-hosted infrastructure with an extensive list of special publications on identity and access security, including security of industrial control systems (NIST SP800-82)
  • International Organization for Standardization (ISO) 27001: outlines an international management framework for implementing information security within an organization. ISO has also published a control-based standard known as ISO/IEC 27002 which details the controls required from an implementation perspective
  • North American Electric Reliability Corporation (NERC): assists North American organizations involved in the bulk electric power systems industry to assess and implement a cybersecurity program. Relevant NERC-published standards include CIP-002 through CIP-014
  • Payment Card Industry Data Security Standard (PCI DSS): guides organizations across the globe in implementing security controls and policies that protect the integrity and confidentiality of financial transactions (e.g., credit, debit, and cash card transactions) as well as cardholders’ privacy
  • Health Insurance Portability and Accountability Act (HIPPA): provides U.S. security requirements that protect health-related information, including the privacy of consumers. This is relevant for all clients in the healthcare and sciences sector in North America. For stakeholders in Ontario, Canada Personal Health Information Protection Act, or PHIPA, provides similar set of security standards.

By following established standards and leveraging our deep expertise in the industry, we’re able to apply leading practices and recommendations consistently for our clients, and can assist you in measuring the maturity of your enterprise and cloud security program regardless of the maturity model you prefer to follow (e.g., Cybersecurity Maturity Model Certification (CMMC), Cybersecurity Capability Maturity Model (C2M2), Information Technology Infrastructure Library (ITIL) Maturity Model, etc.)

Google revealed it was blocking more than 18 million malware and phishing emails related to COVID-19 every day


Google blocking 18M malicious coronavirus emails every day - CNET
Desjardins

We engaged with KeyData due to their deep expertise and experience in IAM. KeyData conducted a ‘current state’ assessment of our complex IAM environments, with multiple stakeholder groups, and identified key challenges our organization was facing. Based on our key challenges, KeyData defined a pragmatic and realistic enterprise IAM Strategy & Roadmap, outlining the key components and priority milestones to achieving a successful IAM deployment. The Strategy and Roadmap were well received by the multiple stakeholder groups. We are on track with implementing the Enterprise IAM Roadmap and realizing the business value.

Christophe Grove, Vice President, Desjardins Group

For the third consecutive year, unauthorized access was the most common type of breach in the U.S., accounting for 43% of breaches.


2021 ForgeRock Consumer Identity Breach Report | ForgeRock
Torontohydro

Shortly after taking over the senior IT role, I engaged Rosa (KeyData) to conduct an assessment of the performance and results of an IAM project for which I had serious concerns. She was recommended as a highly qualified industry expert and she lived up to her reputation. Her in-depth investigation uncovered the true realities regarding the effectiveness of the delivered IAM solution and provided a clear understanding of the performance of the project team and the external technology consultant. Rosa’s work and report was extremely valuable in informing me on what IAM solution is appropriate for an organization like ours and the path to achieving it.

Robert Wong, Executive Vice President, Chief Information and Risk Officer Toronto Hydro-Electric System Limited

Nearly 80% of IT leaders believe their organization lacks sufficient protection against cyberattacks despite increased IT security investments made in 2020.


78% Lack Confidence in Their Company’s Cybersecurity Posture, Prompting 91% to Increase 2021 Budgets (yahoo.com).
Intact

KeyData provided excellent guidance for a strategic deployment of SailPoint IIQ in the CBI environment. Their expertise in the area of IAM was invaluable in tackling both existing and new process leading to a successful initial deployment of the solution. We look forward to a continued partnership with KeyData.

Frédéric St-Jean Mercier, Director, IT Service Center, Intact Financial Corporation

94% of organizations have experienced an identity-related breach at some point in time.


94 percent of organizations suffer identity-related breaches (betanews.com).
Manulife

KeyData helped to define the long-term IAM strategy for Manulife Financial. Three years later the company is still on course to fulfill that strategy.

Vaughn Littlejohn, AVP, Global Information Risk Management Shared Services Manulife Financial


University Of Waterloo logo horiz rev

The partnership with KeyData was critical to the success of our SailPoint IdentityIQ implementation and the decommissioning of our old IDM system. Thank you, to the team at KeyData.

Jason Testart, Director, Information Security Services University of Waterloo
Benefits of Cloud Solutions for Customers

Single Access Control Interface: Cloud IAM solutions offer a standardized interface for all cloud platform services, which can be

Enhanced security: SaaS and IDaaS solutions offer flexibility to define increased security for critical/sensitive applications.

Reduced costs: SaaS and IDaaS solutions typically offer reduced costs compared to traditional on-premises solutions.

Time: For most IDaaS and SaaS solutions installation is simple and maintenance responsibilities are shifted from your IT team to t

Scalability and Accessibility: IDaaS and SaaS solutions offer a pay-as-you-go model, providing enhanced flexibility and the abilit

High availability and support: Cloud IAM solutions are always available and offer constant support for a company’s assets. This me