The Risk of Privileged Users in the Cloud
Privileged users are entrusted with permissions to perform highly sensitive operations on systems, applications, programming interfaces and data. As critical infrastructure and data move to cloud apps and services the traditional controls organizations have for privileged users and administrators in the data center no longer address monitoring and privileged user management sufficiently. More organizations are choosing to monitor privileged activity in the cloud in order to detect and respond to cyber threats and malicious insiders proactively.
For example, Amazon Web Services administrators can change the configuration of production infrastructure, replicate a virtual instance or shutdown services all without a complete audit trail of their actions.
In addition, industry mandates such as PCI DSS and regulations such as SOX require monitoring and logging of privileged user activity wherever it takes place. Providing a log of changes to systems, settings and who made those changes is a common request.