Who Cares? Access Management for Any Cloud!

December 17, 2014 Kevin O'Brien


Last week, Bloomberg ran a story about a major software development shop that has a truly hybrid cloud environment: a mix of Azure and AWS. The article is great (and worth a read), but it can be summarized simply: nobody picks just one provider any more.

Quoting from the piece, the client of the two cloud providers notes that he chose to hybridize across both platforms in response to last month’s Azure outage. His decision — a defensive play that makes it comparatively easy to switch back to AWS if Azure fails — “underscores the challenges Microsoft faces as it tries to wrest market share from industry leader and crosstown competitor Amazon.”


From the perspective of a neutral platform provider that works with both providers — as well as to Rackspace, VMWare, and a wide variety of bare metal providers — what the Bloomberg article describes is a case for abstracting access management away from the underlying platform. Imagine the effort involved in switching from one provider to another; as part of the process, how will you handle access management? User permissions? Service-to-service auth, so that your Jenkins server can still operate without having to rewrite your entire IAM stack?

One of the major benefits of the Conjur approach is that it decouples identity and access management from any particular cloud vendor. In doing so, our customers can get to a comfortably neutral place: who cares who wins the cloud platform argument? Access management will work regardless — users and services will be able to make Conjur calls no matter what the architecture is that underpins their actual work. Audit and compliance can see events and logs without interruption, even as the hardware and software environments shift.

It’s a classic write-once, use-anywhere scenario: Conjur is access management for any cloud, bringing elasticity to IAM and backing it up with strong zero-trust networking principles and a DevOps-friendly toolchain. And once it’s in place, who cares who your cloud provider is?


Previous Article
Attack Origin:  Does it Even Matter
Attack Origin: Does it Even Matter

It’s been an exciting month keeping up with the latest cyber security breach! If you aren’t caught up, list...

Next Article
NIST Recommendations for Securing Virtual Environments: Don’t Forget about Privileged Accounts
NIST Recommendations for Securing Virtual Environments: Don’t Forget about Privileged Accounts

By John Worrall Business-critical data increasingly is being moved to the cloud, which is why the new NIST ...

Check out our upcoming webinars!

See Webinars