The act of securing identities has morphed into the new perimeter, as organizations adopt COVID-induced remote work setups and network boundaries become even more vague.

“Now that remote work is the defacto norm, we can no longer rely on the traditional network perimeter,” said Katie Curtin-Mestre (pictured, right), vice president for marketing at CyberArk Software Ltd. “Securing your identities is the new perimeter.”

Curtin-Mestre and Bar Lavie (pictured, left), senior product manager at CyberArk, spoke with Dave Vellante, host of theCUBE, SiliconANGLE Media’s livestreaming studio, during AWS re:Invent. They discussed the role of privileged access management and how it secures an organization’s critical assets. (* Disclosure below.)

Man and machine

Adding a level of complication to the premise that Curtin-Mestre delves into is that “identity” now applies to machines too.

“It’s not just people anymore,” Vellante said. “The definition of identity is now more encompassing.”

That means securing secrets in machines must be added to human permissions as a security priority, according to CyberArk.

Indeed, an AWS CodeGuru feature called Secrets Detector was announced during this year’s AWS re:Invent. CodeGuru is a reviewer tool using machine learning and automated reasoning. It’s designed to detect vulnerabilities and, in this case, hard-coded secrets. Governance of secrets includes passwords, API keys, and so on.

Remediating excessive permissions in cloud applications is another area the team is focusing on “for any type of identity, both human and non-human,” Lavie said.

The key is to have a “unified and consistent set of security controls” across the entire estate, Curtin-Mestre added. These include credentials for on-premises servers, AWS EC2 instances, and CI/CD applications.

Importantly, organizations mustn’t provide too much access in acceleration to the cloud.

“They’re looking to take advantage of the agility and operational efficiency of the cloud providers,” Lavie added, but there’s a “potential loss of data that is caused due to the excessive access.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS re:Invent. (* Disclosure: CyberArk Software Ltd. sponsored this segment of theCUBE. Neither CyberArk nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE