Observations Based On Inside-Out Defense’s Freemium Deployments
Venkat Thummisi
September 6, 2023

Recently, Inside-Out Defense launched a freemium version of its Identity Abuse solution. We are thankful for the tremendous response we received from enterprises of all sizes who wanted to try out the industry's first identity abuse detection and response solution. 

We launched over 600 freemium deployments spanning tech, manufacturing, healthcare, insurance, and retail sectors. We have organized five important takeaways from these freemium deployments, as they were shared with us by the organizations that used our solution. 

  1. IT admins realized that their onboarding systems were largely static and needed to account for the growing footprint of users (internal and external) who received access to managed and unmanaged systems and applications.

     - Onboarding systems such as Active Directory/Okta didn't account for spawned users in other environments.

     - They needed complete visibility of all their systems and applications, because these were legacy or custom applications that did not integrate seamlessly.

     - Organizations must keep certain users, such as third-party users, out of their onboarding system. Instead, they provide direct access to a fine-tuned selection of applications and systems that must be accounted for.

  2. This renewed their interest in Freemium and their desire to transition to full deployment to connect all their systems and applications and then determine the extent of unmanaged users and these users’ privileges. The concern that the IT admins had was the downstream complexity that they had to confront with machine identities.

  3. About 35 percent of the deployments were cloud-only, and among them some of the significant vulnerabilities unearthed were unknown or hidden user footprints and excessively privileged users.

     - In many instances, there were third-party users who were affiliated with the organization but retained access to specific environments. This problem was primarily due to the hidden nature of the users’ access.

  4. Among the Freemium users who had connected their cloud and SaaS applications, there was a considerable residual footprint of unmanaged users who were no longer associated with the organization.

  5. Lastly, IT admins were surprised by the number of inactive privileged users. These users held privileged entitlements that were rarely used, which raised a red flag: such inactive users may become “sitting ducks” that are easy targets for external compromise. This led some of the IT admins to question the effectiveness of the right-sizing features that their onboarding systems currently possess. The issue stems from the onboarding systems providing birthright privileges, to which additional entitlements may be added incrementally. However, they are not situationally aware of what privileges the users acquire in other systems, such as the AWS or Azure cloud.
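The last three takeaways above come down to reconciling what the onboarding system knows against the accounts each system actually holds. The following Python is an added example, not Inside-Out Defense's product or code; the sample data, the `audit` and `riskiest_first` functions, and the 90-day idle threshold are all constructed assumptions.

```python
from datetime import date

# Constructed sample data, not taken from the article.
# Accounts the onboarding system (directory export) knows about:
DIRECTORY = {"alice@example.com", "bob@example.com"}

# Per-system inventory: (system, account, privileged, last_used)
ACCOUNTS = [
    ("aws", "alice@example.com", True, date(2023, 8, 30)),
    ("aws", "bob@example.com", True, date(2023, 1, 12)),
    ("aws", "vendor-ci@example.net", True, date(2023, 8, 1)),
    ("saas-crm", "carol@example.com", False, date(2022, 11, 3)),
    ("saas-crm", "alice@example.com", False, date(2023, 9, 1)),
    ("azure", "dave@example.com", True, None),  # never used
]


def audit(directory, accounts, today, max_idle_days=90):
    """Map (system, account) -> list of reasons the account needs review."""
    managed = {a.lower() for a in directory}
    findings = {}
    for system, account, privileged, last_used in accounts:
        reasons = []
        # Exists in a system but not in the onboarding roster.
        if account.lower() not in managed:
            reasons.append("unmanaged")
        idle = None if last_used is None else (today - last_used).days
        # Privileged entitlement that is never or rarely exercised.
        if privileged and (idle is None or idle > max_idle_days):
            reasons.append("inactive-privileged")
        elif privileged and "unmanaged" in reasons:
            reasons.append("privileged")
        if reasons:
            findings[(system, account)] = reasons
    return findings


def riskiest_first(findings):
    """Order findings so accounts with the most reasons come first."""
    return sorted(findings, key=lambda k: (-len(findings[k]), k))


if __name__ == "__main__":
    result = audit(DIRECTORY, ACCOUNTS, today=date(2023, 9, 6))
    for key in riskiest_first(result):
        print(key, result[key])
```

In practice the inventory rows would come from each system's own account and last-activity export rather than from the directory, since the directory is exactly what misses these accounts.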

These valuable observations from complex real-life systems reinforce Inside-Out Defense's focus on this largely unaddressed, massively rampant, and dangerous risk of identity abuse, which sometimes goes undetected in a constantly evolving organization’s perimeter. 

The hidden dangers of identity abuse loom as an ever-growing threat in today's complex digital supply chains. This insidious phenomenon encompasses a range of malicious activities, from identity theft and financial fraud to online impersonation and social engineering. As individuals increasingly rely on digital platforms for communication, commerce, and personal transactions, their sensitive personal information becomes a valuable currency for cybercriminals. The intricate web of interconnected systems and data repositories makes preventing and detecting such abuses challenging.

Industries need a comprehensive solution that can dynamically right-size user privileges and accurately determine the intent behind every user activity. It is time for the narrative of “Who accessed what, when, where, and why” to be flipped into “Who gets to access what, when, where, and why.” 

An AI-driven, intent-based access control system holds the answer. By employing advanced machine learning algorithms, such a system can learn and adapt to the standard behavioral patterns of users, allowing it to quickly identify deviations that might signal unauthorized access or malicious intent. 

This proactive approach enhances security and reduces the risk of over-privileging, a common pitfall in traditional access control models. Through real-time analysis of user actions, this AI-driven system can prevent identity abuse by granting access only when genuine intent is established, thwarting potential threats before they materialize. As industries grapple with the hidden complexities of identity abuse, embracing innovative solutions like intent-based access control could pave the way for a safer and more secure digital landscape. The ever-growing complexity of a modern interconnected user’s footprint poses a challenge that is growing out of control and is well beyond the means and reach of existing tools.