CSO Online Feature: Connecting ABAC to Identity Governance and Administration to Extend Access Control Capabilities
Enterprises need an approach to improve synergies between existing IAM technologies
As applications, data and infrastructure continue moving into the cloud, the need for authorization of users to have the right access at the right time increases as well. The new enterprise is a hybrid of cloud and on-premise deployments all requiring a vetted, comprehensive and scalable access control model.
Within this changing climate, IT teams are overloaded with provisioning and deprovisioning, permissions management and pressure to easily audit and report on compliance. Access control automation is needed – and the access control solution needs to scale as the business grows.
As a first line of defense to effectively and efficiently control access to applications and data, organizations are turning toward identity governance and administration (IGA) to support both enterprise security and regulatory compliance. By leveraging IGA tools, access control is managed at administration time by automating the user provisioning and de-provisioning process.
The next line of defense is the run-time authorization service, which ideally uses an attribute and policy-based approach to enforce access rules on APIs, microservice and data services. Let’s explore how these two technologies can work in concert to uncover hidden value for enterprise customers.
Corporate Communications Manager