When agencies go to the cloud, they usually do so with aspirations of more efficiency and new possibilities. Security’s job then is straightforward: Keep everything safe, and stay out of the way.

The problem is, that job isn’t so easy to execute when you factor business realities into the equation. For as many cloud vendors as there are that boast powerful and effective security solutions, agencies still go to multiple clouds because of cost and technical debt, creating an inconsistent landscape of security. This danger is especially pronounced when it comes to tracking users. As users bounce in and out of different workflows and multiple clouds, agencies need a way to enforce that these accounts are only accessing what they’re authorized to. This is known as privileged access management.

“We’re looking to ensure that people have the tools to do their job, and nothing more,” said Kevin Jermyn, Manager of Federal Engineering at CyberArk. CyberArk specializes in privileged access management and can work with multiple cloud providers simultaneously. In an interview with GovLoop, Jermyn provided three ideas for how agencies can make sure that access is secure in the cloud.