Cloud computing is the use of computing resources, including hardware and software, that are delivered as a service over a network, typically the Internet. As cloud computing achieves increased popularity and adoption of cloud-based services by businesses increases, concerns over security and risks of using these cloud-based services become significant. Traditionally, systems and software applications were deployed in enterprise environments, such as within an enterprise's own private data network, with strict controls and policies to ensure that data and usage are compliant with the enterprise's standards. However, the adoption of cloud-based services offered by third parties creates a potential mismatch, or complete absence, of expected enterprise level controls. Enterprises are faced with the challenge of accessing risk exposure associated with the use of cloud-based services in order to apply compensating controls.
In particular, a system administrator or an information services officer of an enterprise may be charged with the responsibility of administrating one or more cloud service providers, such as an IaaS provider, on behalf of the enterprise for the users of the enterprise. The administrator accesses the cloud service provider through an administrator console. The administrator generally uses an authorized account to access the console. However, in some cases, the administrator may have created a shadow account to access a cloud service provider. These shadow accounts are not managed or monitored by the enterprise and may pose security risks for the enterprise.